Diffstat (limited to 'plugins/mod_websocket.lua')
-rw-r--r-- | plugins/mod_websocket.lua | 95 |
1 files changed, 36 insertions, 59 deletions
diff --git a/plugins/mod_websocket.lua b/plugins/mod_websocket.lua index 60c76605..f0134b4a 100644 --- a/plugins/mod_websocket.lua +++ b/plugins/mod_websocket.lua @@ -33,18 +33,10 @@ local frame_buffer_limit = module:get_option_number("websocket_frame_buffer_limi local frame_fragment_limit = module:get_option_number("websocket_frame_fragment_limit", 8); local stream_close_timeout = module:get_option_number("c2s_close_timeout", 5); local consider_websocket_secure = module:get_option_boolean("consider_websocket_secure"); -local cross_domain = module:get_option_set("cross_domain_websocket", {}); -if cross_domain:contains("*") or cross_domain:contains(true) then - cross_domain = true; +local cross_domain = module:get_option("cross_domain_websocket"); +if cross_domain ~= nil then + module:log("info", "The 'cross_domain_websocket' option has been deprecated"); end - -local function check_origin(origin) - if cross_domain == true then - return true; - end - return cross_domain:contains(origin); -end - local xmlns_framing = "urn:ietf:params:xml:ns:xmpp-framing"; local xmlns_streams = "http://etherx.jabber.org/streams"; local xmlns_client = "jabber:client"; @@ -79,6 +71,8 @@ local function session_close(session, reason) local stream_error = st.stanza("stream:error"); if type(reason) == "string" then -- assume stream error stream_error:tag(reason, {xmlns = 'urn:ietf:params:xml:ns:xmpp-streams' }); + elseif st.is_stanza(reason) then + stream_error = reason; elseif type(reason) == "table" then if reason.condition then stream_error:tag(reason.condition, stream_xmlns_attr):up(); @@ -88,11 +82,9 @@ local function session_close(session, reason) if reason.extra then stream_error:add_child(reason.extra); end - elseif reason.name then -- a stanza - stream_error = reason; end end - log("debug", "Disconnecting client, <stream:error> is: %s", tostring(stream_error)); + log("debug", "Disconnecting client, <stream:error> is: %s", stream_error); session.send(stream_error); end 
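Review bot: The deprecation notice for `cross_domain_websocket` is logged at `info` and does not say that the option has stopped restricting anything. The same commit removes `check_origin` here and the 403 branch in `handle_request` (the `@@ -221,11 +224,6 @@` hunk), so a deployment that listed specific origins loses that restriction with no visible warning. I would raise the level and spell out the effect, e.g. `module:log("warn", "The 'cross_domain_websocket' option is deprecated and no longer restricts the Origin header");`. Whether another layer still checks Origin cannot be seen in this diff, so a comment or the commit message should say where that responsibility now lies.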
@@ -143,6 +135,14 @@ local function filter_open_close(data) return data; end +local default_get_response_text = "It works! Now point your WebSocket client to this URL to connect to Prosody." +local websocket_get_response_text = module:get_option_string("websocket_get_response_text", default_get_response_text) + +local default_get_response_body = [[<!DOCTYPE html><html><head><title>Websocket</title></head><body> +<p>]]..websocket_get_response_text..[[</p> +</body></html>]] +local websocket_get_response_body = module:get_option_string("websocket_get_response_body", default_get_response_body) + local function validate_frame(frame, max_length) local opcode, length = frame.opcode, frame.length; @@ -207,12 +207,15 @@ function handle_request(event) conn.starttls = false; -- Prevent mod_tls from believing starttls can be done - if not request.headers.sec_websocket_key then - response.headers.content_type = "text/html"; - return [[<!DOCTYPE html><html><head><title>Websocket</title></head><body> - <p>It works! Now point your WebSocket client to this URL to connect to Prosody.</p> - </body></html>]]; - end + if not request.headers.sec_websocket_key or request.method ~= "GET" then + return module:fire_event("http-message", { + response = event.response; + --- + title = "Prosody WebSocket endpoint"; + message = websocket_get_response_text; + warning = not (consider_websocket_secure or request.secure) and "This endpoint is not considered secure!" or nil; + }) or websocket_get_response_body; + end local wants_xmpp = contains_token(request.headers.sec_websocket_protocol or "", "xmpp"); @@ -221,11 +224,6 @@ function handle_request(event) return 501; end - if not check_origin(request.headers.origin or "") then - module:log("debug", "Origin %s is not allowed by 'cross_domain_websocket' [ %s ]", request.headers.origin or "(missing header)", cross_domain); - return 403; - end - local function websocket_close(code, message) conn:write(build_close(code, message)); conn:close(); 
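Review bot: `websocket_get_response_text` is concatenated into `default_get_response_body` without escaping, so a configured message containing `<` or `&` ends up as markup in the fallback page. The value comes from the config file rather than from a client, so this is a hardening and correctness point, not a remotely reachable injection. Escaping keeps the text option plain text: `<p>]]..st.xml_escape(websocket_get_response_text)..[[</p>`, assuming `xml_escape` is exported by the `st` module this file already uses (please confirm). A one-line comment stating that `websocket_get_response_body` is sent as raw HTML would also help.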
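Review bot: The fallback `or websocket_get_response_body` returns an HTML document without setting a content type, whereas the removed branch set `response.headers.content_type = "text/html";` before returning its page. When no `http-message` handler answers the event, the client gets HTML under whatever default the HTTP layer applies, which is not visible in this diff. I would keep the result of `module:fire_event(...)` in a local, return it when it is non-nil, and otherwise set `event.response.headers.content_type = "text/html";` before returning `websocket_get_response_body`. `handle_request` starts and ends outside this hunk.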
@@ -276,7 +274,7 @@ function handle_request(event) -- See mod_http and #540 session.ip = request.ip; - session.secure = consider_websocket_secure or session.secure; + session.secure = consider_websocket_secure or request.secure or session.secure; session.websocket_request = request; session.open_stream = session_open_stream; @@ -350,41 +348,20 @@ local function keepalive(event) end end -module:hook("c2s-read-timeout", keepalive, -0.9); - -module:depends("http"); -module:provides("http", { - name = "websocket"; - default_path = "xmpp-websocket"; - route = { - ["GET"] = handle_request; - ["GET /"] = handle_request; - }; -}); - function module.add_host(module) module:hook("c2s-read-timeout", keepalive, -0.9); - if cross_domain ~= true then - local url = require "socket.url"; - local ws_url = module:http_url("websocket", "xmpp-websocket"); - local url_components = url.parse(ws_url); - -- The 'Origin' consists of the base URL without path - url_components.path = nil; - local this_origin = url.build(url_components); - local local_cross_domain = module:get_option_set("cross_domain_websocket", { this_origin }); - if local_cross_domain:contains(true) then - module:log("error", "cross_domain_websocket = true only works in the global section"); - return; - end + module:depends("http"); + module:provides("http", { + name = "websocket"; + default_path = "xmpp-websocket"; + route = { + ["GET"] = handle_request; + ["GET /"] = handle_request; + }; + }); - -- Don't add / remove something added by another host - -- This might be weird with random load order - local_cross_domain:exclude(cross_domain); - cross_domain:include(local_cross_domain); - module:log("debug", "cross_domain = %s", tostring(cross_domain)); - function module.unload() - cross_domain:exclude(local_cross_domain); - end - end + module:hook("c2s-read-timeout", keepalive, -0.9); end + +module:add_host(); |
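Review bot: Nothing at this assignment says what `request.secure` is derived from, and it now helps decide `session.secure` for the whole client session. If the HTTP layer can set it from a forwarded-protocol header and not only from the TLS state of the socket, the flag is only as trustworthy as the proxy configuration; this hunk does not show which is the case. I would add a comment above the line, such as `-- request.secure is set by the HTTP layer (direct TLS, or a proxy it is configured to trust)`, once that is confirmed. `handle_request` starts and ends outside this hunk.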
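Review bot: `module:hook("c2s-read-timeout", keepalive, -0.9);` now appears twice inside `module.add_host`: once as the unchanged first statement and again as the added last statement before `end`. Unless the hook registry deduplicates identical handlers, `keepalive` would run twice per read timeout; in either case the added call is redundant and I would drop it. The unconditional `module:add_host();` at the end of the file also deserves a short comment explaining when it is meant to run, since the HTTP route is now registered only through that path.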