Kim Alvefur
77630b72ff
mod_http: Skip querying portmanager when http_external_url is set
...
When http_external_url is set then the portmanager usage only really
serves as a check of whether any http service is enabled at all.
Should allow generating a URL from prosodyctl when http_external_url is
set.
2021-11-27 12:26:15 +01:00
Kim Alvefur
b187489802
mod_http: Limit unencrypted http port (5280) to loopback by default
...
Since accessing this port directly over the wider Internet is unlikely
to be intentional anymore. Most uses will likely be by reverse proxies, by
mistake or because of trouble configuring HTTPS.
Blocking mistaken uses is just a good thing, letting users send
potentially private things unencrypted tends to be Strongly Discouraged
these days.
Many reverse proxy setups operate over loopback, so listening there
instead of all interfaces is a net improvement.
Improved automatic certificate location and SNI support has mostly
eliminated the need for manual certificate configuration so HTTPS should
Just Work once certificates have been provided.
For local testing during development, connecting over loopback is likely
fine as well. When really needed, `http_interfaces` can still be set.
Suggested by Link Mauve
2022-01-15 15:13:41 +01:00
Kim Alvefur
6d8f1d56ed
mod_http: Clean up redirects handlers for wildcard on http module unload
...
These would previously be left behind. Probably mostly harmless except
for clogging up the `debug:events()` listing in the console.
2021-12-22 19:27:03 +01:00
Kim Alvefur
c506269ff5
Fix various spelling errors (thanks codespell)
...
Also special thanks to timeless, for wordlessly reminding me to check
for typos.
2021-07-27 00:13:18 +02:00
Kim Alvefur
4b60587e75
mod_http: Consolidate handling of proxied connection details
...
Trying to move everything relating to proxies and X-Forwarded-Foo into a
single place.
2021-02-27 21:37:56 +01:00
Kim Alvefur
2acba62388
net.http.server: Set request.ip so mod_http doesn't have to
...
Because it already sets request.secure, which depends on the connection,
just like the IP, so it makes sense to do both in the same place.
Dealing with proxies can be left to mod_http for now, but maybe it could
move into some util some day?
2021-02-27 21:37:16 +01:00
Kim Alvefur
d8bcee69f3
Merge 0.11->trunk
2021-02-27 21:07:36 +01:00
Kim Alvefur
aa9e2741d5
mod_http: Restore ip field for requests without proxies
...
8603011e51fe optimized out more than just the loop, leaving the .ip
field blank when the request wasn't from a proxy.
2021-02-27 20:45:45 +01:00
Kim Alvefur
4ed5700a19
mod_http: Improve message for missing 'route'
...
This was the late night early draft text, thought I had amended this but
apparently I forgot.
2021-02-23 16:07:41 +01:00
Kim Alvefur
19eb907613
mod_http: Warn if app is missing 'route'
...
Makes no sense to have a http module with no handlers
Would have helped me when I accidentally
    module:provides("http", {
        GET = handler;
    })
2021-02-21 01:00:00 +01:00
Kim Alvefur
e52a77ff84
mod_http: Fix trusted proxies check (thanks buildbot)
...
is_trusted_proxy() is only in trunk, I dun goofed when I rebased
8603011e51fe from trunk.
2021-02-18 14:34:38 +01:00
Kim Alvefur
80116bf0e3
mod_http: Skip IP resolution in non-proxied case
...
Skips doing the whole get_ip_from_request() dance if the request isn't
from a proxy at all, even if the client sent the header for some reason.
2021-02-18 12:00:00 +01:00
Kim Alvefur
d65d38846d
mod_http: Allow modifying CORS header list via :provides API
...
E.g.
    module:provides("http", {
        cors = {
            headers = {
                Accept = true;
                Expect = false;
            };
        };
        route = { ... };
    });
Case might be weird.
2019-12-30 09:50:59 +01:00
Kim Alvefur
5d4446cd13
mod_http: Allow setting the CORS credentials flag via :provides API
...
E.g.
    module:provides("http", {
        cors = {
            credentials = true;
        };
        route = { ... };
    });
2019-12-30 09:49:28 +01:00
Kim Alvefur
0e6a6fff96
mod_http: Optimize proxy IP check
...
No need to do a subnet match comparison to see if two IP addresses match
exactly.
2021-02-18 10:41:04 +01:00
Kim Alvefur
362c228c47
mod_http: Consider x-forwarded-proto from trusted proxies
...
Should be better than setting consider_{bosh,websocket}_secure as that
may end up causing actually insecure requests to be considered secure.
Doing it here, as with IP, should make this apply to all HTTP modules.
2021-02-18 10:00:56 +01:00
Kim Alvefur
4b4636ae65
Merge 0.11->trunk
2021-02-18 12:02:11 +01:00
Matthew Wild
29f2e5906f
mod_http: Silence warnings when running under prosodyctl
2020-09-11 12:37:07 +01:00
Kim Alvefur
933c048829
mod_http: Add way to signal that a module supports streaming uploads
...
Fixes #726
API:
    module:provides("http", {
        streaming_uploads = true;
        route = {
            PUT = function (event)
                event.request.body_sink = io.tmpfile();
                return true;
            end
        }
    })
2020-08-01 18:41:30 +02:00
Kim Alvefur
91d2ab9108
net.http.parser: Allow specifying sink for large request bodies
...
This enables uses such as saving uploaded files directly to a file on
disk or streaming parsing of payloads.
See #726
2020-08-01 18:41:23 +02:00
Boris Grozev
edd798dd98
mod_http: Support CIDR for trusted proxies.
2020-06-10 13:15:57 -05:00
Kim Alvefur
d689f6c9a1
mod_http: Tell luacheck to ignore the long comment lines
2020-05-14 16:55:01 +02:00
Jonas Schäfer
d6de70d19f
mod_http: Add documentation to the non-obvious logic of get_ip_from_request
...
Because docs are good.
2020-05-14 14:59:59 +02:00
Kim Alvefur
0fdb85997a
mod_net_multiplex: Add support for using ALPN
...
Potentially a bit more efficient since it can jump to the selected
protocol on connect instead of waiting for some data to look at.
Adds a 'protocol' field to net providers for this purpose.
2019-11-29 23:27:51 +01:00
Kim Alvefur
6fd9868ed5
mod_http: Log served URLs at 'info' level
...
These are similar to the "activated service" messages from portmanager
and similarly useful for the service admin to know even if they're not
debugging anything.
2019-11-29 21:30:08 +01:00
Kim Alvefur
fd9ccf20d5
mod_http: Soften dependency on mod_http_errors
...
This allows disabling mod_http_errors by adding it to
modules_disabled and ensures mod_http loads even if the error pages
aren't as pretty.
2019-11-16 16:39:45 +01:00
Kim Alvefur
8340ca2b18
mod_http: Unhook CORS related event handlers
...
Prevents CORS related handlers from being left over on reload.
BC: `mod_http.apps[app_name][event_name]` is now a table instead of the
main handler function.
2019-10-10 20:46:27 +02:00
Matthew Wild
d24e6c7582
mod_http: Add support for configuring CORS Access-Control-Allow-Credentials
2019-09-11 15:10:31 +01:00
Kim Alvefur
0247a0e904
mod_http: Move normalize_path to util.http
2018-10-14 14:31:59 +02:00
Kim Alvefur
29c9d1f508
Merge 0.10->trunk
2018-10-14 14:19:21 +02:00
Kim Alvefur
2a573e5c5e
mod_http: Make sure path from http_external_url always ends with a slash (fixes #1183)
2018-10-14 14:01:57 +02:00
Kim Alvefur
93b55928f6
mod_http: Support global HTTP modules
...
Such modules simply ignore the Host header and always handle the same path.
2018-09-21 23:49:56 +02:00
Kim Alvefur
a31b6728d4
Revert 2dc7490899ae::5d6b252bc36f: Unfinished and broken
2018-09-21 22:14:40 +02:00
Kim Alvefur
7c060d6be5
mod_http: Hook the host-less event if hooked from a global module
2018-09-21 21:19:44 +02:00
Kim Alvefur
c6540b14f9
net.http.server: Move handling of hosts to mod_http
...
Now an event like `GET /path` is fired at first, and mod_http
dispatches the old `GET host/path` events.
2018-09-21 21:19:41 +02:00
Kim Alvefur
78dbad124a
mod_http: Rename argument to avoid name clash with outer scope [luacheck]
2018-07-06 00:15:10 +02:00
Kim Alvefur
d0f783842e
mod_http: Rename loop variable to avoid name clash [luacheck]
2018-07-06 00:14:47 +02:00
Kim Alvefur
c27c3940c7
mod_http: Rename loop variable to avoid name clash [luacheck]
2018-07-06 00:13:45 +02:00
Kim Alvefur
bf3c8c2b1a
mod_http: Silence harmless warnings
2018-07-06 00:12:38 +02:00
Kim Alvefur
060ab50b41
mod_http: Pass util.events object to API, fixes traceback
2018-03-16 08:47:51 +01:00
Kim Alvefur
4cdc813fed
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
2018-03-15 17:22:49 +01:00
Kim Alvefur
4c6a84a00e
Merge 0.10->trunk
2017-01-26 19:47:33 +01:00
Kim Alvefur
a67d0bfb97
util.sslconfig: Remove flag merging for 'verify' as this is more of a tri-state field than a set of options
2017-01-26 14:18:30 +01:00
Kim Alvefur
782117034d
Merge 0.10->trunk
2016-08-18 17:36:46 +02:00
Kim Alvefur
860d3a58b8
Merge 0.9->0.10
2016-08-18 15:16:02 +02:00
Kim Alvefur
1686ef5d53
mod_http: Allow configuring http parser size limits
2016-08-18 14:51:11 +02:00
Emmanuel Gil Peyrot
2368529f51
mod_http: Fix indentation in redir_handler
2016-07-24 17:36:53 +01:00
Emmanuel Gil Peyrot
c6048a7cb4
Update every link to the documentation to use HTTPS
2016-04-16 21:08:05 +01:00
daurnimator
d7ffd11752
plugins/mod_http: Keep query string over automatic redirects
2016-02-15 16:28:22 +11:00
Matthew Wild
46aa864c3d
Backout unintentional commit ed5440a6ef7f
2015-12-03 16:21:56 +00:00