aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
Commit message (Collapse)AuthorAgeFilesLines
* mod_http: Consolidate handling of proxied connection detailsKim Alvefur2021-02-271-9/+9
| | | | | Trying to move everything relating to proxies and X-Forwarded-Foo into a single place.
* net.http.server: Set request.ip so mod_http doesn't have toKim Alvefur2021-02-271-1/+1
| | | | | | | | Because it already sets request.secure, which depends on the connection, just like the IP, so it makes sense to do both in the same place. Dealing with proxies can be left to mod_http for now, but maybe it could move into some util some day?
* Merge 0.11->trunkKim Alvefur2021-02-271-3/+3
|\
| * mod_http: Restore ip field for requests without proxiesKim Alvefur2021-02-271-2/+2
| | | | | | | | | | 8603011e51fe optimized out more than just the loop, leaving the .ip field blank when the request wasn't from a proxy.
| * mod_http: Fix trusted proxies check (thanks buildbot)Kim Alvefur2021-02-181-1/+1
| | | | | | | | | | is_trusted_proxy() is only in trunk, I dun goofed when I rebased 8603011e51fe from trunk.
* | mod_http_file_share: Skip removal of nothingKim Alvefur2021-02-261-5/+9
| | | | | | | | | | In case none of the expired files could be deleted then it's a waste of an API call to try to remove any of the metadata at all.
* | mod_http_file_share: Remove correct entries when not all expired files were ↵Kim Alvefur2021-02-251-10/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | deleted If any of the expired files could not be deleted then we should not forget about that, we should complain loudly and try again. The code got this backwards and would have removed only the entries referring to still existing files. Test procedure: 1. Upload a file 2. chown root:root http_file_share/ 3. In uploads.list, decrease 'when' enough to ensure expiry 4. Reload mod_http_file_share 5. Should see an error in the logs about failure to delete the file 6. Should see that the metadata in uploads.list is still there 7. chown http_file_share/ back to the previous owner 8. Reload mod_http_file_share 9. Should see logs about successful removal of expired file 10. Should see that the metadata in uploads.list is gone 11. Should see that the file was deleted
* | mod_http_errors: Add some commentsKim Alvefur2021-02-251-0/+3
| |
* | mod_http_errors: Add some silly variations for the '/' pageKim Alvefur2021-02-251-1/+11
| | | | | | | | | | | | | | | | | | > "You can do anything in XMPP!" > as a reminiscence of zombo.com -- jonas’ > A study in simplicity. Prosody tagline
* | mod_http_file_share: Fix traceback on missing file-typeKim Alvefur2021-02-241-1/+4
| | | | | | | | attempt to index a nil value (local 'filetype') casued by the :gsub call
* | mod_csi_simple: Add command to test importance algorithm on stream of stanzasKim Alvefur2021-02-231-0/+32
| | | | | | | | This won't include behavior provided by extra modules tho.
* | mod_http: Improve message for missing 'route'Kim Alvefur2021-02-231-1/+1
| | | | | | | | | | This was the late night early draft text, thought I had amended this but apparently I forgot.
* | mod_http: Warn if app is missing 'route'Kim Alvefur2021-02-211-1/+7
| | | | | | | | | | | | | | | | | | | | Makes no sense to have a http module with no handlers Would have helped me when I accidentally module:provides("http", { GET = handler; })
* | mod_http_file_share: Allow credentials via CORS (needed for auth token)Kim Alvefur2021-02-231-0/+3
| |
* | mod_http: Allow modifying CORS header list via :provides APIKim Alvefur2019-12-301-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | E.g. module:provides("http", { cors = { headers = { Accept = true; Expect = false; }; }; route = { ... }; }); Case might be weird.
* | mod_http: Allow setting the CORS credentials flag via :provides APIKim Alvefur2019-12-301-1/+9
| | | | | | | | | | | | | | | | | | | | | | E.g. module:provides("http", { cors = { credentials = true; }; route = { ... }; });
* | mod_http_errors: Style tweakKim Alvefur2021-02-211-3/+3
| | | | | | | | | | Weird to have the background all the way to the edge of the viewport. Would be nice if this could be done without the extra span.
* | mod_http_file_share: Return a message from the base URLKim Alvefur2021-02-211-0/+9
| |
* | mod_websocket: Use mod_http_errors html template #1172Kim Alvefur2021-02-211-4/+12
| | | | | | | | Same as the prior commit to mod_bosh
* | mod_bosh: Include warning if endpoint accessed insecurely (#1172)Kim Alvefur2021-02-211-0/+1
| | | | | | | | | | | | | | This is to make it obvious if a misconfigured a proxy or the request really is insecure. Perhaps it should also check c2s_require_encryption?
* | mod_bosh: Use message template from mod_http_errorKim Alvefur2021-02-211-11/+9
| | | | | | | | | | | | Looking Good! And most importantly, consistent.
* | mod_http_errors: Add a highlighted warning to templateKim Alvefur2021-02-211-0/+3
| | | | | | | | | | | | | | It looks sooooo good! Meant to be used by e.g. mod_bosh to warn in case the request is considered insecure.
* | mod_http_errors: Add way to reuse the error page templateKim Alvefur2021-02-211-0/+7
| | | | | | | | | | | | | | | | | | | | module:fire_event("http-message", {title = "hello"; message = "world"}) Goal is to enable consistent messages from Prosody. Not necessarily error messages, but warnings or just notices. This does cause some drift in the purpose of mod_http_errors, but that's okay.
* | mod_http_errors: Minify CSSKim Alvefur2021-02-181-25/+6
| | | | | | | | Because It looks too big in view source!
* | mod_http: Optimize proxy IP checkKim Alvefur2021-02-181-0/+3
| | | | | | | | | | No need to do a subnet match comparison to see if two IP addresses match exactly.
* | mod_websocket: Inherit security status from http requestKim Alvefur2021-02-181-1/+1
| | | | | | | | | | | | | | Allows requests considered secure becasue of a proxy header to carry over to the client session. mod_bosh does this too.
* | mod_http: Consider x-forwarded-proto from trusted proxiesKim Alvefur2021-02-181-0/+4
| | | | | | | | | | | | | | Should be better than setting consider_{bosh,websocket}_secure as that may end up causing actually insecure requests to be considered secure. Doing it here, as with IP, should make this apply to all HTTP modules.
* | Merge 0.11->trunkKim Alvefur2021-02-181-1/+1
|\|
| * mod_http: Skip IP resolution in non-proxied caseKim Alvefur2021-02-181-1/+1
| | | | | | | | | | Skips doing the whole get_ip_from_request() dance if the request isn't from a proxy at all, even if the client sent the header for some reason.
* | mod_csi_simple: Fire event when flushing queueKim Alvefur2021-02-161-0/+1
| | | | | | | | | | To let other plugins know and take some action, e.g. flushing other buffers or whatnot.
* | mod_csi_simple: Set session state to 'flushing' while doing soKim Alvefur2021-02-161-1/+3
| | | | | | | | May be useful for 3rd party modules.
* | Merge 0.11->trunkKim Alvefur2021-02-151-0/+1
|\|
| * mod_pep: Advertise base pubsub feature (fixes #1632)0.11.8Kim Alvefur2021-02-151-0/+1
| | | | | | | | | | Noticed while discussing feature discovery in Gajim Thanks lovetox
* | mod_http_file_share: Prevent attempt to upload again after completionKim Alvefur2021-02-131-0/+9
| |
* | mod_http_file_share: Support sending 100 ContinueKim Alvefur2021-02-131-0/+3
| | | | | | | | | | E.g. curl will ask for this when sending large uploads. Removes a delay while it waits for an error or go-agead.
* | mod_s2s: Clarify comment about unused TLS settingsKim Alvefur2021-02-061-1/+3
| | | | | | | | Ref 115b5e32d960
* | mod_admin_shell: Add help section with (top level) MUC commandsKim Alvefur2021-02-051-0/+6
| | | | | | | | These were previously only documented on the site.
* | mod_admin_shell: Pretty-print HTTP endpoints in a human tableKim Alvefur2021-02-031-1/+7
| | | | | | | | Attempted readability improvement
* | mod_admin_shell: Remove previous print() callKim Alvefur2021-02-031-1/+0
| | | | | | | | Accident involving Mercurial interactive commit
* | mod_admin_shell: List modules providing each HTTP endpointKim Alvefur2021-02-031-0/+3
| |
* | mod_admin_shell: List global HTTP endpoints by defaultKim Alvefur2021-02-031-2/+7
| | | | | | | | Trick copied from the module commands
* | mod_c2s: Reflect stream 'from' attribute back if set (fix #1625)Kim Alvefur2021-02-031-1/+1
| | | | | | | | Clients should *not* be setting this before TLS anyways.
* | mod_http_file_share: Collect cache hit/miss statistics for downloadsKim Alvefur2021-02-021-1/+5
| |
* | mod_http_file_share: Measure how long it takes to prune expired filesKim Alvefur2021-02-021-0/+3
| |
* | mod_http_file_share: Collect statistics of files uploadedKim Alvefur2021-02-021-0/+3
| |
* | mod_storage_sql: Implement map-like API for archivesKim Alvefur2021-02-011-0/+47
| | | | | | | | | | | | | | | | Used by mod_http_file_share, muc moderation, etc. Tests tweaked because they failed on stanza internals that happen becasue of re-serialization. Namespaces differ since inheritance is implicit when building but explicit after parsing.
* | adhoc.lib: Tweak to allow using util.error objectsKim Alvefur2021-01-311-1/+1
| | | | | | | | | | | | Since util.stanza supports util.error objects via duck-typing and adhoc errors look enough like util.error objects, they should able to pass as such. This will allow converting adhoc commands to use util.error.
* | mod_http_file_share: Reorder argumentsKim Alvefur2021-01-311-2/+2
| | | | | | | | | | 'filetype' is optional, so having it last seems sensible. 'slot' is pretty important, so moving it earlier seems sensible.
* | mod_http_file_share: Update cached value while it is reasonably freshKim Alvefur2021-01-311-5/+10
| | | | | | | | | | This should ensure that cache entries until the oldest file that counted to the last 24h becomes older than 24h.
* | mod_http_file_share: Cache quotas to avoid hitting storageKim Alvefur2021-01-311-2/+12
| |