aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2019-11-02 15:39:01 +0100
committerKim Alvefur <zash@zash.se>2019-11-02 15:39:01 +0100
commitb1516ea8f0c1121b47eae70e9f18755298026a60 (patch)
tree960d47def1705d31c48f234fc1974fa7bf510f78
parent6164878eb1f3b5b72b0cc3803e6e6b5d7b3a9309 (diff)
downloadprosody-b1516ea8f0c1121b47eae70e9f18755298026a60.tar.gz
prosody-b1516ea8f0c1121b47eae70e9f18755298026a60.zip
core.sessionmanager: Require that client-requested resources pass strict resourceprep
-rw-r--r--core/sessionmanager.lua2
1 files changed, 1 insertions, 1 deletions
diff --git a/core/sessionmanager.lua b/core/sessionmanager.lua
index a62db906..6c005fcd 100644
--- a/core/sessionmanager.lua
+++ b/core/sessionmanager.lua
@@ -150,7 +150,7 @@ local function bind_resource(session, resource)
resource = event_payload.resource;
end
- resource = resourceprep(resource or "");
+ resource = resourceprep(resource or "", true);
resource = resource ~= "" and resource or generate_identifier();
--FIXME: Randomly-generated resources must be unique per-user, and never conflict with existing