mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-03 05:07:42 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
13812 commits 12 branches 100 tags 40 MiB
Commit graph

220 commits

Author SHA1 Message Date
Kim Alvefur
68296b6a8e mod_bosh,mod_websocket: Don't load mod_http_altconnect in global context 
It blocked loading on VirtualHosts since it was already loaded globally

Thanks eTaurus
 2025-02-22 21:45:34 +01:00
Matthew Wild
573e9f2716 mod_bosh, mod_websocket: Add soft dependency on mod_http_altconnect 2025-02-16 13:32:59 +00:00
Matthew Wild
2bc341d8b1 mod_bosh: Set base_type on session 
This fixes a traceback with mod_saslauth. Ideally we move this to util.session
at some point, though.
 2024-03-17 10:10:24 +00:00
Matthew Wild
40c7ebddd1 mod_bosh: Include stream attributes in stream-features event 
This matches what mod_c2s does, and fixes a traceback in mod_sasl2_fast when
used with BOSH (that module tries to use event.stream.from).
 2023-10-28 13:15:56 +01:00
Kim Alvefur
71ad48095d plugins: Use integer config API with interval specification where sensible 
Many of these fall into a few categories:
- util.cache size, must be >= 1
- byte or item counts that logically can't be negative
- port numbers that should be in 1..0xffff
 2023-07-17 01:38:54 +02:00
Kim Alvefur
1987a7411f plugins: Switch to :get_option_period() for time range options 
Improves readability ("1 day" vs 86400) and centralizes validation.
 2023-07-16 20:49:33 +02:00
Kim Alvefur
98922d54b1 plugins: Prefix module imports with prosody namespace 2023-03-24 13:15:28 +01:00
Matthew Wild
f19f1088b7 mod_http (and dependent modules): Make CORS opt-in by default (fixes #1731) 
The same-origin policy enforced by browsers is a security measure that should
only be turned off when it is safe to do so. It is safe to do so in Prosody's
default modules, but people may load third-party modules that are unsafe.

Therefore we have flipped the default, so that modules must explicitly opt in
to having CORS headers added on their requests.
 2022-03-28 14:53:24 +01:00
Kim Alvefur
89ace39a31 mod_bosh: Only enable host-agnostic HTTP routing when enabled globally 
This way the host-agnostic http://*:5280/ handler is not enabled, but
BOSH can still be used with any local VirtualHost

Ref #1712
 2022-02-04 17:52:13 +01:00
Kim Alvefur
ef6cb64b9e mod_c2s,etc: Identify stanza object with appropriate function 
Better than duck typing, in case anyone ever passes a non-stanza table
with a 'name' field.
 2021-10-24 15:17:01 +02:00
Kim Alvefur
b49c57d53f mod_bosh: Fix typo in comment 2021-09-19 16:28:16 +02:00
Kim Alvefur
e7df432614 mod_bosh,mod_websocket: Make into global-shared modules (...again) 
Global modules aren't quite considered loaded onto hosts, which
causes confusion in some cases. They are also reported in the log as
being served on http://*:5280/foo which is also a bit confusing, and
can't be clicked.

Global modules also have to have their paths configured in the global
section, which could be confusing and unexpected.

This global+shared method should be the best of both worlds.
 2021-06-21 22:50:23 +02:00
Kim Alvefur
c315a85201 mod_bosh: Add todo to use util.session to create session object 
So that we get single point where shared session properties can be
added. But not now. One day. Maybe. Patches welcome.
 2021-07-29 20:04:57 +02:00
Kim Alvefur
c506269ff5 Fix various spelling errors (thanks codespell) 
Also special thanks to timeless, for wordlessly reminding me to check
for typos.
 2021-07-27 00:13:18 +02:00
Matthew Wild
5bc8b2a379 Merge 0.11->trunk 2021-05-13 11:17:13 +01:00
Kim Alvefur
d18348b578 mod_bosh: Include warning if endpoint accessed insecurely (#1172) 
This is to make it obvious if a misconfigured a proxy or the request
really is insecure.

Perhaps it should also check c2s_require_encryption?
 2021-02-21 06:18:22 +01:00
Kim Alvefur
5860017b9f mod_bosh: Use message template from mod_http_error 
Looking Good!

And most importantly, consistent.
 2021-02-21 06:17:40 +01:00
Kim Alvefur
7eb15b0b3f mod_bosh: Count connection attempts non-VirtualHost as "bad host" (stats) 2020-10-03 15:09:12 +02:00
Kim Alvefur
438de6e045 Merge 0.11->trunk 2020-10-03 15:07:48 +02:00
Kim Alvefur
62eee94e2b mod_bosh: Ensure that stream is directed to a VirtualHost (fixes #425) 2020-10-03 15:03:09 +02:00
Kim Alvefur
8f2b039615 mod_bosh: Pick out the 'wait' before checking it instead of earlier 
Going to add more host related checks, so to keep the wait variable
closer to the related checks
 2020-10-03 14:59:11 +02:00
Matthew Wild
4c4e764e23 mod_c2s, mod_s2s, mod_component, mod_bosh, mod_websockets: Set default stanza size limits 
c2s/bosh/ws streams will default to 256KB, s2s and components to 512KB.

These values are aligned with ejabberd's default settings, which should reduce
issues related to inconsistent size limits between servers on the XMPP network.

The previous default (10MB) is excessive for any production server, and allows
significant memory usage by even unauthenticated sessions.
 2021-05-07 17:03:49 +01:00
Matthew Wild
ff9bdefc7e mod_bosh, mod_websocket: Add config options to override GET responses 2020-04-20 11:30:59 +01:00
Kim Alvefur
6164878eb1 mod_bosh: Abort early if request is missing hostname 
Prevents traceback from passing nil to nameprep()
 2019-11-02 15:29:13 +01:00
Kim Alvefur
5cd064035a mod_bosh: Handle missing wait attribute (fixes #1288) 
250855633092 did not fix this completely.
 2019-01-10 13:07:22 +01:00
Kim Alvefur
40b1e3e0ed plugins: Remove tostring call from logging 
Taken care of by loggingmanager now

Mass-rewrite using lua pattern like `tostring%b()`
 2019-07-30 02:29:36 +02:00
Kim Alvefur
b532d20ef3 mod_bosh: Fire stream feature event on hosts (thanks gerald) 
Since the module is now global, this event was also fired in a global
context by default.
 2018-09-24 17:46:51 +02:00
Kim Alvefur
c2562cb468 mod_bosh: Make BOSH global again! 2018-09-22 00:01:21 +02:00
Kim Alvefur
a346709487 mod_bosh: Add extra debug logging to help with #1134 2018-05-15 01:22:35 +02:00
Kim Alvefur
1277677cc4 mod_bosh: Fix inconsistent whitespace [luacheck] 2018-05-01 18:21:57 +02:00
Matthew Wild
d62d872cd3 mod_bosh: Fix for 7be8f649d97d to skip error handling and allow other modules to handle the request 2018-04-29 22:15:44 +01:00
Matthew Wild
1325ac697f mod_bosh: Increase number of stored responses to ensure we always keep responses within the rid window available 2018-04-11 13:24:37 +01:00
Matthew Wild
4ff9afe599 mod_bosh: Improve connection robustness with better handling of unexpected rids 2018-04-10 20:34:29 +01:00
Matthew Wild
6b94760640 mod_bosh: Some additonal comments to improve code readability 2018-04-10 20:30:20 +01:00
Matthew Wild
5d631871e6 mod_bosh: Whitespace 2018-04-10 20:29:46 +01:00
Matthew Wild
f40a467d0c mod_bosh: Improve logging - parse errors will now log through the session logger if possible 2018-04-10 20:28:59 +01:00
Matthew Wild
f537f1572c mod_bosh: Improve logging on session close (reason may be a table with params) 2018-04-10 20:25:12 +01:00
Kim Alvefur
4cdc813fed mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540) 2018-03-15 17:22:49 +01:00
Kim Alvefur
d0c3e64ff9 mod_bosh: Return implicit 404 instead of the proper BOSH terminate thing 2017-12-27 01:00:34 +01:00
Kim Alvefur
69f252bebf mod_bosh: Limit stream to current host (fixes #371) 2017-12-13 15:34:53 +01:00
Kim Alvefur
c468196063 mod_bosh: Make into a normal module (fixes #402) 2017-12-13 15:24:02 +01:00
Kim Alvefur
330a365ca8 mod_bosh: Use module API to fire events 2017-12-13 17:31:31 +01:00
Kim Alvefur
a8c7b08aac mod_bosh: Use moduleapi logger 2017-12-13 15:23:29 +01:00
Kim Alvefur
ccbc346900 mod_bosh: Rename variable to avoid name clash [luacheck] 2017-12-13 15:31:21 +01:00
Kim Alvefur
94c9012f75 mod_bosh: Ignore unused argument [luacheck] 2017-12-13 15:30:37 +01:00
Kim Alvefur
0114f1dd6a mod_bosh: Remove unused variable [luacheck] 2017-12-13 15:30:11 +01:00
Matthew Wild
e9d37d780b Merge 0.10 -> trunk 2017-07-28 23:47:38 +01:00
Emmanuel Gil Peyrot
974866de52 mod_bosh: Add ::1 to the default trusted_proxies. 2017-07-16 19:25:15 +01:00
Kim Alvefur
a7b9c6de42 Merge 0.10->trunk 2017-04-20 00:41:49 +02:00
Kim Alvefur
71582ed712 Merge 0.9->0.10 2017-04-19 20:02:58 +02:00