Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | mod_bosh: Set base_type on session | Matthew Wild | 2024-03-17 | 1 | -1/+1 |
| | | | | | This fixes a traceback with mod_saslauth. Ideally we move this to util.session at some point, though. | ||||
* | mod_bosh: Include stream attributes in stream-features event | Matthew Wild | 2023-10-28 | 1 | -1/+1 |
| | | | | | This matches what mod_c2s does, and fixes a traceback in mod_sasl2_fast when used with BOSH (that module tries to use event.stream.from). | ||||
* | plugins: Use integer config API with interval specification where sensible | Kim Alvefur | 2023-07-17 | 1 | -1/+1 |
| | | | | | | | Many of these fall into a few categories: - util.cache size, must be >= 1 - byte or item counts that logically can't be negative - port numbers that should be in 1..0xffff | ||||
* | plugins: Switch to :get_option_period() for time range options | Kim Alvefur | 2023-07-16 | 1 | -3/+3 |
| | | | | Improves readability ("1 day" vs 86400) and centralizes validation. | ||||
* | plugins: Prefix module imports with prosody namespace | Kim Alvefur | 2023-03-24 | 1 | -10/+10 |
| | |||||
* | mod_http (and dependent modules): Make CORS opt-in by default (fixes #1731) | Matthew Wild | 2022-03-28 | 1 | -0/+3 |
| | | | | | | | | | The same-origin policy enforced by browsers is a security measure that should only be turned off when it is safe to do so. It is safe to do so in Prosody's default modules, but people may load third-party modules that are unsafe. Therefore we have flipped the default, so that modules must explicitly opt in to having CORS headers added on their requests. | ||||
* | mod_bosh: Only enable host-agnostic HTTP routing when enabled globally | Kim Alvefur | 2022-02-04 | 1 | -1/+3 |
| | | | | | | | This way the host-agnostic http://*:5280/ handler is not enabled, but BOSH can still be used with any local VirtualHost Ref #1712 | ||||
* | mod_c2s,etc: Identify stanza object with appropriate function | Kim Alvefur | 2021-10-24 | 1 | -2/+2 |
| | | | | | Better than duck typing, in case anyone ever passes a non-stanza table with a 'name' field. | ||||
* | mod_bosh: Fix typo in comment | Kim Alvefur | 2021-09-19 | 1 | -1/+1 |
| | |||||
* | mod_bosh,mod_websocket: Make into global-shared modules (...again) | Kim Alvefur | 2021-06-21 | 1 | -10/+14 |
| | | | | | | | | | | | | Global modules aren't quite considered loaded onto hosts, which causes confusion in some cases. They are also reported in the log as being served on http://*:5280/foo which is also a bit confusing, and can't be clicked. Global modules also have to have their paths configured in the global section, which could be confusing and unexpected. This global+shared method should be the best of both worlds. | ||||
* | mod_bosh: Add todo to use util.session to create session object | Kim Alvefur | 2021-07-29 | 1 | -0/+1 |
| | | | | | So that we get single point where shared session properties can be added. But not now. One day. Maybe. Patches welcome. | ||||
* | Fix various spelling errors (thanks codespell) | Kim Alvefur | 2021-07-27 | 1 | -1/+1 |
| | | | | | Also special thanks to timeless, for wordlessly reminding me to check for typos. | ||||
* | Merge 0.11->trunk | Matthew Wild | 2021-05-13 | 1 | -1/+2 |
|\ | |||||
| * | mod_c2s, mod_s2s, mod_component, mod_bosh, mod_websockets: Set default ↵ | Matthew Wild | 2021-05-07 | 1 | -1/+2 |
| | | | | | | | | | | | | | | | | | | | | | | | | stanza size limits c2s/bosh/ws streams will default to 256KB, s2s and components to 512KB. These values are aligned with ejabberd's default settings, which should reduce issues related to inconsistent size limits between servers on the XMPP network. The previous default (10MB) is excessive for any production server, and allows significant memory usage by even unauthenticated sessions. | ||||
* | | mod_bosh: Include warning if endpoint accessed insecurely (#1172) | Kim Alvefur | 2021-02-21 | 1 | -0/+1 |
| | | | | | | | | | | | | | | This is to make it obvious if a misconfigured a proxy or the request really is insecure. Perhaps it should also check c2s_require_encryption? | ||||
* | | mod_bosh: Use message template from mod_http_error | Kim Alvefur | 2021-02-21 | 1 | -11/+9 |
| | | | | | | | | | | | | Looking Good! And most importantly, consistent. | ||||
* | | mod_bosh: Count connection attempts non-VirtualHost as "bad host" (stats) | Kim Alvefur | 2020-10-03 | 1 | -0/+2 |
| | | |||||
* | | Merge 0.11->trunk | Kim Alvefur | 2020-10-03 | 1 | -1/+18 |
|\| | |||||
| * | mod_bosh: Ensure that stream is directed to a VirtualHost (fixes #425) | Kim Alvefur | 2020-10-03 | 1 | -0/+16 |
| | | |||||
| * | mod_bosh: Pick out the 'wait' before checking it instead of earlier | Kim Alvefur | 2020-10-03 | 1 | -1/+2 |
| | | | | | | | | | | Going to add more host related checks, so to keep the wait variable closer to the related checks | ||||
* | | mod_bosh, mod_websocket: Add config options to override GET responses | Matthew Wild | 2020-04-20 | 1 | -4/+6 |
| | | |||||
* | | mod_bosh: Abort early if request is missing hostname | Kim Alvefur | 2019-11-02 | 1 | -0/+9 |
| | | | | | | | | Prevents traceback from passing nil to nameprep() | ||||
* | | plugins: Remove tostring call from logging | Kim Alvefur | 2019-07-30 | 1 | -8/+8 |
| | | | | | | | | | | | | Taken care of by loggingmanager now Mass-rewrite using lua pattern like `tostring%b()` | ||||
* | | mod_bosh: Added metrics for active/inactive sessions, new BOSH sessions, ↵ | Arc Riley | 2019-05-03 | 1 | -2/+28 |
| | | | | | | | | BOSH errors, and timeouts (finishes #998) | ||||
* | | mod_bosh, mod_websocket: Remove accidentally included dependency on ↵ | Kim Alvefur | 2019-01-19 | 1 | -1/+0 |
| | | | | | | | | non-existant module | ||||
* | | mod_bosh: Drop CORS code in favor of than in mod_http | Kim Alvefur | 2018-10-04 | 1 | -25/+5 |
|/ | | | | | This deprecates the cross_domain_bosh setting. As a compat measure, if it is set, mod_http_crossdomain is loaded. | ||||
* | mod_bosh: Handle missing wait attribute (fixes #1288) | Kim Alvefur | 2019-01-10 | 1 | -1/+1 |
| | | | | 250855633092 did not fix this completely. | ||||
* | mod_bosh: Fire stream feature event on hosts (thanks gerald) | Kim Alvefur | 2018-09-24 | 1 | -1/+1 |
| | | | | | Since the module is now global, this event was also fired in a global context by default. | ||||
* | mod_bosh: Make BOSH global again! | Kim Alvefur | 2018-09-22 | 1 | -5/+2 |
| | |||||
* | mod_bosh: Add extra debug logging to help with #1134 | Kim Alvefur | 2018-05-15 | 1 | -0/+6 |
| | |||||
* | mod_bosh: Fix inconsistent whitespace [luacheck] | Kim Alvefur | 2018-05-01 | 1 | -2/+2 |
| | |||||
* | mod_bosh: Fix for 7be8f649d97d to skip error handling and allow other ↵ | Matthew Wild | 2018-04-29 | 1 | -3/+6 |
| | | | | modules to handle the request | ||||
* | mod_bosh: Increase number of stored responses to ensure we always keep ↵ | Matthew Wild | 2018-04-11 | 1 | -1/+1 |
| | | | | responses within the rid window available | ||||
* | mod_bosh: Improve connection robustness with better handling of unexpected rids | Matthew Wild | 2018-04-10 | 1 | -12/+19 |
| | |||||
* | mod_bosh: Some additonal comments to improve code readability | Matthew Wild | 2018-04-10 | 1 | -1/+3 |
| | |||||
* | mod_bosh: Whitespace | Matthew Wild | 2018-04-10 | 1 | -1/+0 |
| | |||||
* | mod_bosh: Improve logging - parse errors will now log through the session ↵ | Matthew Wild | 2018-04-10 | 1 | -1/+2 |
| | | | | logger if possible | ||||
* | mod_bosh: Improve logging on session close (reason may be a table with params) | Matthew Wild | 2018-04-10 | 1 | -1/+1 |
| | |||||
* | mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) ↵ | Kim Alvefur | 2018-03-15 | 1 | -17/+1 |
| | | | | (fixes #540) | ||||
* | mod_bosh: Return implicit 404 instead of the proper BOSH terminate thing | Kim Alvefur | 2017-12-27 | 1 | -6/+3 |
| | |||||
* | mod_bosh: Limit stream to current host (fixes #371) | Kim Alvefur | 2017-12-13 | 1 | -2/+1 |
| | |||||
* | mod_bosh: Make into a normal module (fixes #402) | Kim Alvefur | 2017-12-13 | 1 | -16/+12 |
| | |||||
* | mod_bosh: Use module API to fire events | Kim Alvefur | 2017-12-13 | 1 | -2/+2 |
| | |||||
* | mod_bosh: Use moduleapi logger | Kim Alvefur | 2017-12-13 | 1 | -1/+1 |
| | |||||
* | mod_bosh: Rename variable to avoid name clash [luacheck] | Kim Alvefur | 2017-12-13 | 1 | -3/+3 |
| | |||||
* | mod_bosh: Ignore unused argument [luacheck] | Kim Alvefur | 2017-12-13 | 1 | -1/+1 |
| | |||||
* | mod_bosh: Remove unused variable [luacheck] | Kim Alvefur | 2017-12-13 | 1 | -1/+0 |
| | |||||
* | Merge 0.10 -> trunk | Matthew Wild | 2017-07-28 | 1 | -1/+1 |
|\ | |||||
| * | mod_bosh: Add ::1 to the default trusted_proxies. | Emmanuel Gil Peyrot | 2017-07-16 | 1 | -1/+1 |
| | | |||||
* | | Merge 0.10->trunk | Kim Alvefur | 2017-04-20 | 1 | -1/+3 |
|\| |