| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Disabled DANE by default, since it needs extra steps to be useful. The
built-in DNS stub resolver does not support DNSSEC so having DANE
enabled by default only leads to an extra wasted DNS request.
|
| |
|
|
|
|
| |
To highlight how many these are
|
|
|
|
| |
See 6e051bfca12d
|
|
|
|
|
| |
Trying to move everything relating to proxies and X-Forwarded-Foo into a
single place.
|
|
|
|
|
|
|
|
| |
Because it already sets request.secure, which depends on the connection,
just like the IP, so it makes sense to do both in the same place.
Dealing with proxies can be left to mod_http for now, but maybe it could
move into some util some day?
|
|\ |
|
| |
| |
| |
| |
| | |
8603011e51fe optimized out more than just the loop, leaving the .ip
field blank when the request wasn't from a proxy.
|
| |
| |
| |
| |
| | |
In case none of the expired files could be deleted then it's a waste of
an API call to try to remove any of the metadata at all.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
deleted
If any of the expired files could not be deleted then we should not
forget about that, we should complain loudly and try again.
The code got this backwards and would have removed only the entries
referring to still existing files.
Test procedure:
1. Upload a file
2. chown root:root http_file_share/
3. In uploads.list, decrease 'when' enough to ensure expiry
4. Reload mod_http_file_share
5. Should see an error in the logs about failure to delete the file
6. Should see that the metadata in uploads.list is still there
7. chown http_file_share/ back to the previous owner
8. Reload mod_http_file_share
9. Should see logs about successful removal of expired file
10. Should see that the metadata in uploads.list is gone
11. Should see that the file was deleted
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
> "You can do anything in XMPP!"
> as a reminiscence of zombo.com
-- jonas’
> A study in simplicity.
Prosody tagline
|
| |
| |
| |
| | |
attempt to index a nil value (local 'filetype') casued by the :gsub call
|
| |
| |
| |
| | |
This won't include behavior provided by extra modules tho.
|
| |
| |
| |
| |
| | |
This was the late night early draft text, thought I had amended this but
apparently I forgot.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Makes no sense to have a http module with no handlers
Would have helped me when I accidentally
module:provides("http", {
GET = handler;
})
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
E.g.
module:provides("http", {
cors = {
headers = {
Accept = true;
Expect = false;
};
};
route = { ... };
});
Case might be weird.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
E.g.
module:provides("http", {
cors = {
credentials = true;
};
route = { ... };
});
|
| |
| |
| |
| |
| | |
Weird to have the background all the way to the edge of the viewport.
Would be nice if this could be done without the extra span.
|
| | |
|
| |
| |
| |
| | |
Same as the prior commit to mod_bosh
|
| |
| |
| |
| |
| |
| |
| | |
This is to make it obvious if a misconfigured a proxy or the request
really is insecure.
Perhaps it should also check c2s_require_encryption?
|
| |
| |
| |
| |
| |
| | |
Looking Good!
And most importantly, consistent.
|
| |
| |
| |
| |
| |
| |
| | |
It looks sooooo good!
Meant to be used by e.g. mod_bosh to warn in case the request is
considered insecure.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
module:fire_event("http-message", {title = "hello"; message = "world"})
Goal is to enable consistent messages from Prosody. Not necessarily
error messages, but warnings or just notices.
This does cause some drift in the purpose of mod_http_errors, but that's
okay.
|
| |
| |
| |
| | |
Because It looks too big in view source!
|
|\| |
|
| |
| |
| |
| |
| | |
is_trusted_proxy() is only in trunk, I dun goofed when I rebased
8603011e51fe from trunk.
|
| |
| |
| |
| |
| | |
No need to do a subnet match comparison to see if two IP addresses match
exactly.
|
| |
| |
| |
| |
| |
| |
| | |
Allows requests considered secure becasue of a proxy header to carry
over to the client session.
mod_bosh does this too.
|
| |
| |
| |
| |
| |
| |
| | |
Should be better than setting consider_{bosh,websocket}_secure as that
may end up causing actually insecure requests to be considered secure.
Doing it here, as with IP, should make this apply to all HTTP modules.
|
|\| |
|
| |
| |
| |
| |
| | |
Skips doing the whole get_ip_from_request() dance if the request isn't
from a proxy at all, even if the client sent the header for some reason.
|
| |
| |
| |
| |
| | |
To let other plugins know and take some action, e.g. flushing other
buffers or whatnot.
|
| |
| |
| |
| | |
May be useful for 3rd party modules.
|
|\| |
|
| | |
|
| |
| |
| |
| |
| | |
Noticed while discussing feature discovery in Gajim
Thanks lovetox
|
| | |
|
| |
| |
| |
| |
| | |
E.g. curl will ask for this when sending large uploads. Removes a delay
while it waits for an error or go-agead.
|
| |
| |
| |
| |
| |
| |
| | |
Fixes that otherwise it would wait for the request to be done after
receiving the head of the request, when it's meant to select a target
for where to store the data, instead of waiting after receiving the
request for when the request has been handled.
|
| |
| |
| |
| | |
Storing the async thread on the connection was weird.
|
| | |
|
| |
| |
| |
| |
| | |
Test all the things! Somewhat covered by the storagemanager tests, but
we don't currently don't have that automated as it needs SQL engines.
|
| |
| |
| |
| |
| |
| |
| |
| | |
The 'typ' argument to all other functions is the actual file extension,
but not here for some reason.
May need this for iterating over the .bin files created by
mod_http_file_share in the future.
|
| |
| |
| |
| |
| |
| |
| | |
Thanks to debacle for reminding me, in the context of mod_auth_ccert
I wonder if we still need lsec_ignore_purpose, Let's Encrypt seems to
include both client and server purposes in certs.
|
| |
| |
| |
| | |
Ref 115b5e32d960
|
| | |
|
| |
| |
| |
| | |
These were previously only documented on the site.
|