Diffstat (limited to 'plugins/mod_websocket.lua')
-rw-r--r--plugins/mod_websocket.lua95
1 files changed, 36 insertions, 59 deletions
diff --git a/plugins/mod_websocket.lua b/plugins/mod_websocket.lua
index 60c76605..f0134b4a 100644
--- a/plugins/mod_websocket.lua
+++ b/plugins/mod_websocket.lua
@@ -33,18 +33,10 @@ local frame_buffer_limit = module:get_option_number("websocket_frame_buffer_limi
local frame_fragment_limit = module:get_option_number("websocket_frame_fragment_limit", 8);
local stream_close_timeout = module:get_option_number("c2s_close_timeout", 5);
local consider_websocket_secure = module:get_option_boolean("consider_websocket_secure");
-local cross_domain = module:get_option_set("cross_domain_websocket", {});
-if cross_domain:contains("*") or cross_domain:contains(true) then
- cross_domain = true;
+local cross_domain = module:get_option("cross_domain_websocket");
+if cross_domain ~= nil then
+ module:log("info", "The 'cross_domain_websocket' option has been deprecated");
end
-
-local function check_origin(origin)
- if cross_domain == true then
- return true;
- end
- return cross_domain:contains(origin);
-end
-
local xmlns_framing = "urn:ietf:params:xml:ns:xmpp-framing";
local xmlns_streams = "http://etherx.jabber.org/streams";
local xmlns_client = "jabber:client";
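Review bot: A configured `cross_domain_websocket` allowlist silently stops rejecting handshakes, because `check_origin` is deleted here and its only visible call (the `return 403` path in `handle_request`, removed in the @@ -221 hunk) goes with it. The only signal is an info-level line that does not mention the loss. Operators who relied on the option as an Origin restriction should be told that the restriction is gone, so log at warn level and say it: `module:log("warn", "The 'cross_domain_websocket' option has been deprecated and no longer restricts the Origin header");`. If Origin filtering is expected to happen in another layer now, the message or a comment next to it should name that layer.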
@@ -79,6 +71,8 @@ local function session_close(session, reason)
local stream_error = st.stanza("stream:error");
if type(reason) == "string" then -- assume stream error
stream_error:tag(reason, {xmlns = 'urn:ietf:params:xml:ns:xmpp-streams' });
+ elseif st.is_stanza(reason) then
+ stream_error = reason;
elseif type(reason) == "table" then
if reason.condition then
stream_error:tag(reason.condition, stream_xmlns_attr):up();
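Review bot: The new `st.is_stanza(reason)` branch only works because it sits above the `type(reason) == "table"` branch, and nothing in the code says so. A stanza is presumably a table as well, so swapping the two branches would send stanzas through the condition/text/extra handling. A one-line comment such as `-- must precede the generic table case: stanzas are tables too` would protect the ordering. `session_close` begins and ends outside this hunk.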
@@ -88,11 +82,9 @@ local function session_close(session, reason)
if reason.extra then
stream_error:add_child(reason.extra);
end
- elseif reason.name then -- a stanza
- stream_error = reason;
end
end
- log("debug", "Disconnecting client, <stream:error> is: %s", tostring(stream_error));
+ log("debug", "Disconnecting client, <stream:error> is: %s", stream_error);
session.send(stream_error);
end
@@ -143,6 +135,14 @@ local function filter_open_close(data)
return data;
end
+local default_get_response_text = "It works! Now point your WebSocket client to this URL to connect to Prosody."
+local websocket_get_response_text = module:get_option_string("websocket_get_response_text", default_get_response_text)
+
+local default_get_response_body = [[<!DOCTYPE html><html><head><title>Websocket</title></head><body>
+<p>]]..websocket_get_response_text..[[</p>
+</body></html>]]
+local websocket_get_response_body = module:get_option_string("websocket_get_response_body", default_get_response_body)
+
local function validate_frame(frame, max_length)
local opcode, length = frame.opcode, frame.length;
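Review bot: `websocket_get_response_text` is concatenated into the markup of `default_get_response_body` without escaping, so a configured text containing `<` or `&` is emitted as HTML in the fallback page. The value comes from the configuration rather than from the request, which makes this a robustness point more than an injection one, but the fix is a single call. Assuming `st` is util.stanza, as its use in `session_close` suggests, the line could read `<p>]]..st.xml_escape(websocket_get_response_text)..[[</p>`. A short comment that `default_get_response_body` already embeds the configured text would also help, since the name reads as if it were a constant.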
@@ -207,12 +207,15 @@ function handle_request(event)
conn.starttls = false; -- Prevent mod_tls from believing starttls can be done
- if not request.headers.sec_websocket_key then
- response.headers.content_type = "text/html";
- return [[<!DOCTYPE html><html><head><title>Websocket</title></head><body>
- <p>It works! Now point your WebSocket client to this URL to connect to Prosody.</p>
- </body></html>]];
- end
+ if not request.headers.sec_websocket_key or request.method ~= "GET" then
+ return module:fire_event("http-message", {
+ response = event.response;
+ ---
+ title = "Prosody WebSocket endpoint";
+ message = websocket_get_response_text;
+ warning = not (consider_websocket_secure or request.secure) and "This endpoint is not considered secure!" or nil;
+ }) or websocket_get_response_body;
+ end
local wants_xmpp = contains_token(request.headers.sec_websocket_protocol or "", "xmpp");
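Review bot: The fallback `or websocket_get_response_body` returns an HTML document, but the removed `response.headers.content_type = "text/html";` has no replacement in the new branch. If no handler answers the `http-message` event, the page is served with whatever content type the HTTP layer defaults to, which is not visible here. Setting `event.response.headers.content_type = "text/html";` before the fallback is returned would keep the old behaviour. Separately, the `request.method ~= "GET"` test looks unreachable while the route table only registers `GET` and `GET /`; a comment saying which other routes it anticipates would clarify the intent. `handle_request` starts and ends outside this hunk.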
@@ -221,11 +224,6 @@ function handle_request(event)
return 501;
end
- if not check_origin(request.headers.origin or "") then
- module:log("debug", "Origin %s is not allowed by 'cross_domain_websocket' [ %s ]", request.headers.origin or "(missing header)", cross_domain);
- return 403;
- end
-
local function websocket_close(code, message)
conn:write(build_close(code, message));
conn:close();
@@ -276,7 +274,7 @@ function handle_request(event)
-- See mod_http and #540
session.ip = request.ip;
- session.secure = consider_websocket_secure or session.secure;
+ session.secure = consider_websocket_secure or request.secure or session.secure;
session.websocket_request = request;
session.open_stream = session_open_stream;
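Review bot: The `session.secure` assignment now trusts `request.secure`, and the line carries no comment on where that flag is set or who can influence it. `session.secure` presumably feeds encryption-dependent decisions later in the session, so if the HTTP layer can derive `request.secure` from forwarded-protocol headers, that derivation must be limited to trusted proxies. I would add a comment such as `-- request.secure is set by the HTTP layer; it must only reflect proxy headers when the peer is a trusted proxy` and confirm it against mod_http. The enclosing `handle_request` continues outside the hunk.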
@@ -350,41 +348,20 @@ local function keepalive(event)
end
end
-module:hook("c2s-read-timeout", keepalive, -0.9);
-
-module:depends("http");
-module:provides("http", {
- name = "websocket";
- default_path = "xmpp-websocket";
- route = {
- ["GET"] = handle_request;
- ["GET /"] = handle_request;
- };
-});
-
function module.add_host(module)
module:hook("c2s-read-timeout", keepalive, -0.9);
- if cross_domain ~= true then
- local url = require "socket.url";
- local ws_url = module:http_url("websocket", "xmpp-websocket");
- local url_components = url.parse(ws_url);
- -- The 'Origin' consists of the base URL without path
- url_components.path = nil;
- local this_origin = url.build(url_components);
- local local_cross_domain = module:get_option_set("cross_domain_websocket", { this_origin });
- if local_cross_domain:contains(true) then
- module:log("error", "cross_domain_websocket = true only works in the global section");
- return;
- end
+ module:depends("http");
+ module:provides("http", {
+ name = "websocket";
+ default_path = "xmpp-websocket";
+ route = {
+ ["GET"] = handle_request;
+ ["GET /"] = handle_request;
+ };
+ });
- -- Don't add / remove something added by another host
- -- This might be weird with random load order
- local_cross_domain:exclude(cross_domain);
- cross_domain:include(local_cross_domain);
- module:log("debug", "cross_domain = %s", tostring(cross_domain));
- function module.unload()
- cross_domain:exclude(local_cross_domain);
- end
- end
+ module:hook("c2s-read-timeout", keepalive, -0.9);
end
+
+module:add_host();
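Review bot: `module.add_host` now registers the same hook twice: `module:hook("c2s-read-timeout", keepalive, -0.9);` is kept as the first statement of the function and added again as its last one. Depending on how the event system stores handlers this is either redundant or makes `keepalive` run twice per timeout, so one of the two lines should go. The bare `module:add_host();` at the end of the file also deserves a comment stating in which load context (global or per-host) it is meant to run, since the HTTP route is now only provided from inside `add_host`.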