aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* mod_http_file_share: Add support for removing old files (default 2 weeks)Kim Alvefur2021-01-271-1/+59
|
* mod_http_file_share: More security headersKim Alvefur2021-01-271-2/+4
|
* mod_http_file_share: Strip authorization type prefix a bit earlierKim Alvefur2021-01-271-2/+5
|
* mod_http_file_share: Factor out function for generating full filenameKim Alvefur2021-01-271-2/+6
|
* mod_http_file_share: Use '.bin' file extensionKim Alvefur2021-01-271-2/+3
| | | | | Distinct from '.dat' used by datamanager / internal stortage for Lua object storage so that they can't easily be loaded by accident that way.
* mod_http_file_share: Validate file size early in HTTP PUT requestKim Alvefur2021-01-271-0/+5
|
* mod_http_file_share: Move Authorization type stringKim Alvefur2021-01-271-2/+2
| | | | It belongs with the header more than the token itself
* mod_http_file_share: Add some loggingKim Alvefur2021-01-271-0/+14
|
* mod_http_file_share: Handle content-type being optionalKim Alvefur2021-01-271-2/+2
|
* mod_http_file_share: Reject invalid file sizesKim Alvefur2021-01-272-0/+17
|
* mod_http_file_share: Fix name of max-file-size tagKim Alvefur2021-01-271-1/+1
|
* mod_http_file_share: Expand registry to fix extra tagKim Alvefur2021-01-271-5/+6
| | | | | Error registry compact format doesn't support extra.tag so needs to be the more verbose format
* mod_http_file_share: Verify final file size on completion of uploadKim Alvefur2021-01-271-0/+5
|
* mod_http_file_share: Add file type filterKim Alvefur2021-01-263-0/+20
| | | | | Unlike mod_http_upload, this can't be bypassed by uploading with a different file extension.
* mod_http_file_share: Add file size limit (default 10M)Kim Alvefur2021-01-263-0/+30
|
* mod_http_file_share: Validate that filename does not contain '/'Kim Alvefur2021-01-262-0/+19
|
* mod_http_file_share: Return proper error if unauthorizedKim Alvefur2021-01-261-1/+5
|
* mod_http_file_share: Add basic access controlKim Alvefur2021-01-261-1/+7
| | | | Partly lifted from mod_external_services
* mod_http_file_share: Add support for external file upload serviceKim Alvefur2021-01-262-3/+9
| | | | | PUT /upload/:slot/:filename Authorization: Bearer JWT{ uploader, filename, filesize, filetype, exp }
* mod_http_file_share: Let's write another XEP-0363 implementationKim Alvefur2021-01-265-0/+229
| | | | | | | | | | This variant is meant to improve upon mod_http_upload in some ways: * Handle files much of arbitrary size efficiently * Allow GET and PUT URLs to be different * Remember Content-Type sent by client * Avoid dependency on mod_http_files * Built-in way to delegate storage to another httpd
* util.interpolation: Add test for #1623Kim Alvefur2021-01-251-0/+5
|
* Merge 0.11->trunkKim Alvefur2021-01-251-2/+2
|\
| * util.interpolation: Fix combination of filters and fallback values #1623Kim Alvefur2021-01-251-2/+2
| |
* | util.startup: Make installer_plugin_path relative to data directoryKim Alvefur2021-01-241-3/+2
| | | | | | | | | | | | Having it relative to current working directory is problematic since this depends on how Prosody was started and changes to the data directory during startup (but after this point).
* | util.startup: Don't create installer plugin path (as root)Kim Alvefur2021-01-241-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | Since this runs before dropping root, the directory ends up being owned by root, resulting in luarocks failing to install anything, since by then it would be running as the prosody user. luarocks creates this directory if needed, so creating it during startup is not necessary. One potential issue is if the directory is somewhere where Prosody can't write, but then you will simply have to create it yourself with the appropriate permissions.
* | util.prosodyctl.check: Recognise global options related to plugin installerKim Alvefur2021-01-211-0/+1
| |
* | net.unbound: Fix to initialize under prosodyctlKim Alvefur2021-01-211-0/+1
| | | | | | | | | | Lazy initialization only worked for async queries, but prosodyctl check dns uses sync queries.
* | prosodyctl: Add reference to #1602 (plugin installer docs) in commentKim Alvefur2021-01-211-0/+1
| |
* | prosodyctl: Move message after conditionKim Alvefur2021-01-211-1/+1
| | | | | | | | If the condition is false, the message becomes a lie!
* | util.prosodyctl: Remove unused calculation [luacheck]Kim Alvefur2021-01-211-1/+1
| |
* | util.prosodyctl: Rename unused variable to '_' [luacheck]Kim Alvefur2021-01-211-1/+1
| |
* | prosodyctl: Fix copypaste oversightKim Alvefur2021-01-211-2/+2
| |
* | util.prosodyctl: Always return exit code from luarocksKim Alvefur2021-01-211-4/+1
| | | | | | | | os.exit(true) errors on Lua 5.1
* | prosodyctl: Abort if no plugin source specified for the installerKim Alvefur2021-01-211-1/+7
| | | | | | | | Better than having a non-working default.
* | prosodyctl: Move UI related calls out of util.prosodyctlKim Alvefur2021-01-212-8/+5
| | | | | | | | | | I think this follows the general separation of duties between prosodyctl and util.prosodyctl better.
* | prosodyctl: Use luarocks status code as exit codeKim Alvefur2021-01-211-3/+6
| | | | | | | | Enables some shell level error handling
* | util.prosodyctl: Reword message to sound more naturalKim Alvefur2021-01-211-1/+1
| | | | | | | | | | | | | | English is hard. "to" might also work, but we'll go with this for now. 18:32:11 <MattJ> s/at/in/ ? 18:32:19 <MattJ> to match luarocks :)
* | util.prosodyctl: Propagate status from luarocks invocationKim Alvefur2021-01-211-1/+6
| |
* | util.prosodyctl: Use installer path prepared by util.startupKim Alvefur2021-01-211-10/+1
| |
* | lint: Add initial semgrep configKim Alvefur2021-01-181-0/+24
| |
* | util.datamanager: Fix not passing variables as format string to logger ↵Kim Alvefur2021-01-161-1/+1
| | | | | | | | | | | | | | (thanks semgrep) Passing error messages as format string could lead to errors, although not a problem anymore since util.format sanitizes this.
* | core.modulemanager: Fix resource location compat with LuaRocks 2.xKim Alvefur2021-01-161-1/+1
| | | | | | | | | | The path doesn't include lua version, at least least on Debian, which still has luarocks 2.x
* | MUC: Allow modules to add to the room registration form, and handle the resultMatthew Wild2021-01-151-0/+23
| |
* | doc/doap.xml: Fix attribute nameMatthew Wild2021-01-151-1/+1
| |
* | mod_mam: Workaround scansion test flakynessKim Alvefur2021-01-131-12/+2
| | | | | | | | The empty ID fields are sometimes accepted, sometimes not.
* | mod_storage_sql: Fix compatibilty with Lua 5.1Kim Alvefur2021-01-131-1/+2
| | | | | | | | | | | | string.rep() doesn't have the 3rd argument before Lua 5.2 Revert once we drop support for Lua 5.1
* | mod_muc_mam: Copy extended MAM support from mod_mamKim Alvefur2021-01-121-4/+21
| | | | | | | | | | | | mod_mam and mod_muc_mam are just different enough that having them be the same module gets complicated, but close enough to have overlapping code.
* | mod_mam: Advertise extended MAM when archive storage is capableKim Alvefur2021-01-122-3/+2
| |
* | mod_mam: Allow querying by set of IDsKim Alvefur2021-01-121-2/+8
| |
* | mod_storage_sql: Support query for set of IDsKim Alvefur2021-01-121-0/+10
| | | | | | | | Not compatible with Lua 5.1