diff options
author | Kim Alvefur <zash@zash.se> | 2019-11-02 15:39:01 +0100 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2019-11-02 15:39:01 +0100 |
commit | b1516ea8f0c1121b47eae70e9f18755298026a60 (patch) | |
tree | 960d47def1705d31c48f234fc1974fa7bf510f78 | |
parent | 6164878eb1f3b5b72b0cc3803e6e6b5d7b3a9309 (diff) | |
download | prosody-b1516ea8f0c1121b47eae70e9f18755298026a60.tar.gz prosody-b1516ea8f0c1121b47eae70e9f18755298026a60.zip |
core.sessionmanager: Require that client-requested resources pass strict resourceprep
-rw-r--r-- | core/sessionmanager.lua | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/core/sessionmanager.lua b/core/sessionmanager.lua index a62db906..6c005fcd 100644 --- a/core/sessionmanager.lua +++ b/core/sessionmanager.lua @@ -150,7 +150,7 @@ local function bind_resource(session, resource) resource = event_payload.resource; end - resource = resourceprep(resource or ""); + resource = resourceprep(resource or "", true); resource = resource ~= "" and resource or generate_identifier(); --FIXME: Randomly-generated resources must be unique per-user, and never conflict with existing |