aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--plugins/mod_smacks.lua3
-rw-r--r--util/stanza.lua6
2 files changed, 7 insertions, 2 deletions
diff --git a/plugins/mod_smacks.lua b/plugins/mod_smacks.lua
index 4657fc53..ad1b8dd6 100644
--- a/plugins/mod_smacks.lua
+++ b/plugins/mod_smacks.lua
@@ -325,7 +325,8 @@ function do_enable(session, stanza)
local resume_token;
local resume = stanza.attr.resume;
- if resume == "true" or resume == "1" then
+ if (resume == "true" or resume == "1") and session.username then
+ -- resumption on s2s is not currently supported
resume_token = new_id();
end
diff --git a/util/stanza.lua b/util/stanza.lua
index c6e7aa6d..0f8827d5 100644
--- a/util/stanza.lua
+++ b/util/stanza.lua
@@ -37,8 +37,12 @@ local _ENV = nil;
local stanza_mt = { __name = "stanza" };
stanza_mt.__index = stanza_mt;
+-- Basic check for valid XML character data.
+-- Disallow control characters.
+-- Tab U+09 and newline U+0A are allowed.
+-- For attributes, allow the \1 separator between namespace and name.
local function valid_xml_cdata(str, attr)
- return not s_find(str, attr and "[^\1\9\10\13\20-~\128-\247]" or "[^\9\10\13\20-~\128-\247]");
+ return not s_find(str, attr and "[^\1\9\10\13\20-\255]" or "[^\9\10\13\20-\255]");
end
local function check_name(name, name_type)
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-25 14:17:50 +0000