diff options
author | Kim Alvefur <zash@zash.se> | 2021-02-21 06:18:22 +0100 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2021-02-21 06:18:22 +0100 |
commit | d18348b578ab72b09840fedfc58d7b6de5fb53b5 (patch) | |
tree | f6dff3371152edf2c1855c3f6bd1d20df7551005 | |
parent | 5860017b9f13b7849ac62cb532b8f8a6ffb45bea (diff) | |
download | prosody-d18348b578ab72b09840fedfc58d7b6de5fb53b5.tar.gz prosody-d18348b578ab72b09840fedfc58d7b6de5fb53b5.zip |
mod_bosh: Include warning if endpoint accessed insecurely (#1172)
This is to make it obvious if a misconfigured a proxy or the request
really is insecure.
Perhaps it should also check c2s_require_encryption?
-rw-r--r-- | plugins/mod_bosh.lua | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/plugins/mod_bosh.lua b/plugins/mod_bosh.lua index db281fcd..0fbf3037 100644 --- a/plugins/mod_bosh.lua +++ b/plugins/mod_bosh.lua @@ -536,6 +536,7 @@ local function GET_response(event) --- title = "Prosody BOSH endpoint"; message = "It works! Now point your BOSH client to this URL to connect to Prosody."; + warning = not (consider_bosh_secure or event.request.secure) and "This endpoint is not considered secure!" or nil; -- <p>For more information see <a href="https://prosody.im/doc/setting_up_bosh">Prosody: Setting up BOSH</a>.</p> }) or "This is the Prosody BOSH endpoint."; end |