| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
The same-origin policy enforced by browsers is a security measure that should
only be turned off when it is safe to do so. It is safe to do so in Prosody's
default modules, but people may load third-party modules that are unsafe.
Therefore we have flipped the default, so that modules must explicitly opt in
to having CORS headers added on their requests.
|
|
|
|
|
| |
This is far better than pre-0.12, because we now have a universal way to
configure and enable/disable CORS on a per-module basis.
|
| |
|
|
|
|
| |
option (fixes #1727)
|
|
|
|
|
|
|
|
|
|
| |
This is allowed by XEP-0045, which states:
"A moderator SHOULD NOT be allowed to revoke moderation privileges from
someone with a higher affiliation than themselves (i.e., an unaffiliated
moderator SHOULD NOT be allowed to revoke moderation privileges from an admin
or an owner, and an admin SHOULD NOT be allowed to revoke moderation
privileges from an owner)."
|
|
|
|
|
| |
This message was misplaced in c4599a7c534c when the @type and @host
check was introduced.
|
| |
|
|
|
|
| |
(fixes #1719)
|
|
|
|
| |
Ref #1717
|
|
|
|
|
|
|
|
|
|
| |
The "socket.unix" module exported only a function before
https://github.com/lunarmodules/luasocket/commit/aa1b8cc9bc35e56de15eeb153c899e4c51de82a8
when datagram support was added.
Fixes #1717
Thanks rsc and lucas for reporting and testing
|
|
|
|
|
|
|
|
|
| |
Invitee would not show up in the roster of the invite creator unless
they fetch their roster afterwards.
Fixes #1715
Thanks gerald
|
| |
|
|
|
|
|
|
| |
Words, sometimes I wonder how they even work
Maybe I missed something.
|
|\ |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
specified
The default config was updated in this way long ago, but if no option was
present in the config, Prosody would load internal_plain.
This change can result in changes (for the better) for people using very old
configuration files lacking an 'authentication' setting.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These options have been specified (and enabled) in the default config file for
a long time. However if unspecified in the config, they were not enabled. Now
they are.
This may result in a change of behaviour for people using very old config
files that lack the require_encryption options. But that's what we want.
|
| |
| |
| |
| | |
In line with the Prosody-wide default change for 0.12.
|
| | |
|
| |
| |
| |
| |
| | |
Since there are two calls to done() that can happen, if the timing is
right (or wrong) both can happen, which previously triggered an error.
|
| |
| |
| |
| |
| | |
Should make traces point here instead of timer dispatch, making
debugging easier
|
| |
| |
| |
| | |
Similar procedure as mod_csi_simple and mod_mam
|
| |
| |
| |
| | |
This is the noop that gets replaced later
|
|/
|
|
| |
Similar procedure as mod_csi_simple
|
|
|
|
| |
Because tables make everything better and more readable!
|
| |
|
|
|
|
|
|
|
|
|
|
| |
steps
Ensures unavailable presence and other outgoing stanzas are sent.
Waiting for c2s sessions to close first before proceeding to disable and
close s2s ensures that unavailable presence can go out, even if it
requires dialback to complete first.
|
|
|
|
|
| |
Lets other things step in and do things while c2s ports are closed, e.g.
mod_smacks, or other modules with port handlers that forward to c2s.
|
| |
|
|
|
|
| |
This ensures no new clients can start connecting during shutdown
|
| |
|
|
|
|
| |
The more compact these are, the better
|
|
|
|
|
| |
But then this is the internal API which is weird and unfriendly to
expose externally. Lots of methods to wrap tho ... one day.
|
|
|
|
|
|
| |
There was a separate boolean option to enable TLS before, but it was
merged with the port number option and it seems the typed API interface
got confused.
|
|
|
|
|
| |
This ensures that registration actually works even if allow_registration
is not enabled.
|
|
|
|
|
| |
This hack is not needed since a9c975a0f113 so can be removed when
included with Prosody.
|
|
|
|
|
|
| |
Usually on port 443 to avoid restrictive firewalls.
Thanks to Holger for discussion
|
|
|
|
|
| |
Much harder to get boolean options wrong than accidentally adding
something unrecognised to a Set.
|
|
|
|
|
|
|
|
| |
The connection events are more appropriate here, where the s2s-created
events happens a bit later or earlier in a sessions lifetime depending
on its direction and for outgoing connections isn't actually the
creation time (which happens immediately after pressing enter, so not
very interesting), but rather closer to the connection time.
|
|
|
|
|
| |
Allows doing things based on connections rather than sessions, which may
have been created before or after.
|
|
|
|
|
| |
This seems like the thing to do for time, which is usually divided into
divisors divisible by 60, or multiplied by multiples of 60
|
|
|
|
|
|
|
| |
http://[::]:5280/ is as sensible as http://*:5280/ so why not
This might be a bit weird when listening no multiple interfaces but not
sure we can really do anything sensible then anyway.
|
|
|
|
|
| |
This might make the global routes less confusing sometimes, or at least
valid URLs instead of http://*:5280/ which doesn't make much sense.
|
|
|
|
|
|
|
| |
This way the host-agnostic http://*:5280/ handler is not enabled, but
BOSH can still be used with any local VirtualHost
Ref #1712
|
|
|
|
|
|
|
| |
This way the host-agnostic http://*:5280/ handler is not enabled, but
BOSH can still be used with any local VirtualHost
Ref #1712
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Extra-extra obvious that no interaction with this should lead to
persisted changes
|
|
|
|
|
| |
I'm not sure what went wrong here, copy-paste mistake?
Doesn't matter as long as nobody can create nodes on this service.
|