90e4a09661
mod_pubsub: Include <pubsub> with unsubscribe reply
...
XEP-0060 6.2.2
This is a MAY but it makes it nice and symmetric with the subscription
response. Reduces the need to remember which node you unsubscribed from.
Explicit > implicit etc.
5 years ago
89ec64ff89
mod_csi_simple: s/algoritm/algorithm/ [codespell]
5 years ago
8673a99a09
mod_s2s: Buffer stream error + stream closing tag
...
In "opportunistic writes" mode, prevents ondisconnect from happening
while writing the stream closing tag.
5 years ago
494b53ce0b
mod_s2s: Check direction in bidi-aware style
...
Both session.incoming and session.outgoing are truthy here, but
session.direction indicates the "real" direction in the way that matters
for the order of events when opening or closing streams.
5 years ago
bef26775f1
mod_s2s: Add config setting to enable DANE
5 years ago
4b60587e75
mod_http: Consolidate handling of proxied connection details
...
Trying to move everything relating to proxies and X-Forwarded-Foo into a
single place.
5 years ago
2acba62388
net.http.server: Set request.ip so mod_http doesn't have to
...
Because it already sets request.secure, which depends on the connection,
just like the IP, so it makes sense to do both in the same place.
Dealing with proxies can be left to mod_http for now, but maybe it could
move into some util some day?
5 years ago
aa9e2741d5
mod_http: Restore ip field for requests without proxies
...
8603011e51fe optimized out more than just the loop, leaving the .ip
field blank when the request wasn't from a proxy.
5 years ago
dfaf43cc3f
mod_http_file_share: Skip removal of nothing
...
In case none of the expired files could be deleted then it's a waste of
an API call to try to remove any of the metadata at all.
5 years ago
a2648b9d64
mod_http_file_share: Remove correct entries when not all expired files were deleted
...
If any of the expired files could not be deleted then we should not
forget about that, we should complain loudly and try again.
The code got this backwards and would have removed only the entries
referring to still existing files.
Test procedure:
1. Upload a file
2. chown root:root http_file_share/
3. In uploads.list, decrease 'when' enough to ensure expiry
4. Reload mod_http_file_share
5. Should see an error in the logs about failure to delete the file
6. Should see that the metadata in uploads.list is still there
7. chown http_file_share/ back to the previous owner
8. Reload mod_http_file_share
9. Should see logs about successful removal of expired file
10. Should see that the metadata in uploads.list is gone
11. Should see that the file was deleted
5 years ago
fcaf27fc8a
mod_http_errors: Add some comments
5 years ago
3180f48bc5
mod_http_errors: Add some silly variations for the '/' page
...
> "You can do anything in XMPP!"
> as a reminiscence of zombo.com
-- jonas’
> A study in simplicity.
Prosody tagline
5 years ago
0a5ac437b9
mod_http_file_share: Fix traceback on missing file-type
...
attempt to index a nil value (local 'filetype') casued by the :gsub call
5 years ago
40252c2cc7
mod_csi_simple: Add command to test importance algorithm on stream of stanzas
...
This won't include behavior provided by extra modules tho.
5 years ago
4ed5700a19
mod_http: Improve message for missing 'route'
...
This was the late night early draft text, thought I had amended this but
apparently I forgot.
5 years ago
19eb907613
mod_http: Warn if app is missing 'route'
...
Makes no sense to have a http module with no handlers
Would have helped me when I accidentally
module:provides("http", {
GET = handler;
})
5 years ago
b01915e81c
mod_http_file_share: Allow credentials via CORS (needed for auth token)
5 years ago
e52a77ff84
mod_http: Fix trusted proxies check (thanks buildbot)
...
is_trusted_proxy() is only in trunk, I dun goofed when I rebased
8603011e51fe from trunk.
5 years ago
80116bf0e3
mod_http: Skip IP resolution in non-proxied case
...
Skips doing the whole get_ip_from_request() dance if the request isn't
from a proxy at all, even if the client sent the header for some reason.
5 years ago
f01247ec56
mod_pep: Advertise base pubsub feature ( fixes #1632 )
...
Noticed while discussing feature discovery in Gajim
Thanks lovetox
5 years ago
db3c36c69d
mod_s2s: Fix copypaste mistake in b3ae48362f78
...
Directly sending something over s2s needs to use sends2s() but the code
copied from mod_c2s had .send()
5 years ago
4bceaa2443
MUC: Fix logic bug causing unnecessary presence to be sent, fixes #1615 (thanks damencho)
5 years ago
f4c821cc4a
mod_s2s: Prevent whitespace keepalives the stream has been opened
...
This will result in the stream timing out instead, which is probably
correct if the stream has not been opened yet.
This was already done for c2s in e69df8093387
Thanks Ge0rG
5 years ago
15b64ea4ff
mod_saslauth: Only advertise channel binding if a finished message is available
...
In some cases this method returns nothing, unclear why.
5 years ago
b62216fab3
mod_saslauth: Disable 'tls-unique' channel binding with TLS 1.3 ( closes #1542 )
...
The 'tls-unique' channel binding is undefined in TLS 1.3 according to a
single sentence in parenthesis in Apendix C of RFC 8446
This may trigger downgrade protection in clients that were expecting
channel binding to be available.
5 years ago
63f44f3640
mod_pubsub: Fix notification stanza type setting ( fixes #1605 )
5 years ago
ce3e3808f5
mod_pubsub: Lower priority of default <body> generator
...
in order to avoid conflict with a handler at the default (0) priority,
making it easier to write your own formatting in plugins.
this follows the common pattern of default modules having lower priority
5 years ago
d65d38846d
mod_http: Allow modifying CORS header list via :provides API
...
E.g.
module:provides("http", {
cors = {
headers = {
Accept = true;
Expect = false;
};
};
route = { ... };
});
Case might be weird.
6 years ago
5d4446cd13
mod_http: Allow setting the CORS credentials flag via :provides API
...
E.g.
module:provides("http", {
cors = {
credentials = true;
};
route = { ... };
});
6 years ago
24974dc1c6
mod_http_errors: Style tweak
...
Weird to have the background all the way to the edge of the viewport.
Would be nice if this could be done without the extra span.
5 years ago
900fe6a1cb
mod_http_file_share: Return a message from the base URL
5 years ago
49d6a7a91f
mod_websocket: Use mod_http_errors html template #1172
...
Same as the prior commit to mod_bosh
5 years ago
d18348b578
mod_bosh: Include warning if endpoint accessed insecurely ( #1172 )
...
This is to make it obvious if a misconfigured a proxy or the request
really is insecure.
Perhaps it should also check c2s_require_encryption?
5 years ago
5860017b9f
mod_bosh: Use message template from mod_http_error
...
Looking Good!
And most importantly, consistent.
5 years ago
ba8610666a
mod_http_errors: Add a highlighted warning to template
...
It looks sooooo good!
Meant to be used by e.g. mod_bosh to warn in case the request is
considered insecure.
5 years ago
6d29fa653c
mod_http_errors: Add way to reuse the error page template
...
module:fire_event("http-message", {title = "hello"; message = "world"})
Goal is to enable consistent messages from Prosody. Not necessarily
error messages, but warnings or just notices.
This does cause some drift in the purpose of mod_http_errors, but that's
okay.
5 years ago
699e27da56
mod_http_errors: Minify CSS
...
Because It looks too big in view source!
5 years ago
0e6a6fff96
mod_http: Optimize proxy IP check
...
No need to do a subnet match comparison to see if two IP addresses match
exactly.
5 years ago
231e87ab05
mod_websocket: Inherit security status from http request
...
Allows requests considered secure becasue of a proxy header to carry
over to the client session.
mod_bosh does this too.
5 years ago
362c228c47
mod_http: Consider x-forwarded-proto from trusted proxies
...
Should be better than setting consider_{bosh,websocket}_secure as that
may end up causing actually insecure requests to be considered secure.
Doing it here, as with IP, should make this apply to all HTTP modules.
5 years ago
51b055809a
mod_csi_simple: Fire event when flushing queue
...
To let other plugins know and take some action, e.g. flushing other
buffers or whatnot.
5 years ago
dcab373f45
mod_csi_simple: Set session state to 'flushing' while doing so
...
May be useful for 3rd party modules.
5 years ago
3151984042
mod_http_file_share: Prevent attempt to upload again after completion
5 years ago
9501c7b976
mod_http_file_share: Support sending 100 Continue
...
E.g. curl will ask for this when sending large uploads. Removes a delay
while it waits for an error or go-agead.
5 years ago
cd1aadb52e
mod_s2s: Clarify comment about unused TLS settings
...
Ref 115b5e32d960
5 years ago
196c9f070e
mod_admin_shell: Add help section with (top level) MUC commands
...
These were previously only documented on the site.
5 years ago
ca39262991
mod_admin_shell: Pretty-print HTTP endpoints in a human table
...
Attempted readability improvement
5 years ago
bdb5e39f5c
mod_admin_shell: Remove previous print() call
...
Accident involving Mercurial interactive commit
5 years ago
d8d5ad3bea
mod_admin_shell: List modules providing each HTTP endpoint
5 years ago
a64ae4e8d5
mod_admin_shell: List global HTTP endpoints by default
...
Trick copied from the module commands
5 years ago
Kim Alvefur