aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* | mod_http: Warn if app is missing 'route'Kim Alvefur2021-02-211-1/+7
| | | | | | | | | | | | | | | | | | | | Makes no sense to have a http module with no handlers Would have helped me when I accidentally module:provides("http", { GET = handler; })
* | mod_http_file_share: Allow credentials via CORS (needed for auth token)Kim Alvefur2021-02-231-0/+3
| |
* | mod_http: Allow modifying CORS header list via :provides APIKim Alvefur2019-12-301-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | E.g. module:provides("http", { cors = { headers = { Accept = true; Expect = false; }; }; route = { ... }; }); Case might be weird.
* | mod_http: Allow setting the CORS credentials flag via :provides APIKim Alvefur2019-12-301-1/+9
| | | | | | | | | | | | | | | | | | | | | | E.g. module:provides("http", { cors = { credentials = true; }; route = { ... }; });
* | mod_http_errors: Style tweakKim Alvefur2021-02-211-3/+3
| | | | | | | | | | Weird to have the background all the way to the edge of the viewport. Would be nice if this could be done without the extra span.
* | mod_http_file_share: Return a message from the base URLKim Alvefur2021-02-211-0/+9
| |
* | mod_websocket: Use mod_http_errors html template #1172Kim Alvefur2021-02-211-4/+12
| | | | | | | | Same as the prior commit to mod_bosh
* | mod_bosh: Include warning if endpoint accessed insecurely (#1172)Kim Alvefur2021-02-211-0/+1
| | | | | | | | | | | | | | This is to make it obvious if a misconfigured a proxy or the request really is insecure. Perhaps it should also check c2s_require_encryption?
* | mod_bosh: Use message template from mod_http_errorKim Alvefur2021-02-211-11/+9
| | | | | | | | | | | | Looking Good! And most importantly, consistent.
* | mod_http_errors: Add a highlighted warning to templateKim Alvefur2021-02-211-0/+3
| | | | | | | | | | | | | | It looks sooooo good! Meant to be used by e.g. mod_bosh to warn in case the request is considered insecure.
* | mod_http_errors: Add way to reuse the error page templateKim Alvefur2021-02-211-0/+7
| | | | | | | | | | | | | | | | | | | | module:fire_event("http-message", {title = "hello"; message = "world"}) Goal is to enable consistent messages from Prosody. Not necessarily error messages, but warnings or just notices. This does cause some drift in the purpose of mod_http_errors, but that's okay.
* | mod_http_errors: Minify CSSKim Alvefur2021-02-181-25/+6
| | | | | | | | Because It looks too big in view source!
* | mod_http: Optimize proxy IP checkKim Alvefur2021-02-181-0/+3
| | | | | | | | | | No need to do a subnet match comparison to see if two IP addresses match exactly.
* | mod_websocket: Inherit security status from http requestKim Alvefur2021-02-181-1/+1
| | | | | | | | | | | | | | Allows requests considered secure becasue of a proxy header to carry over to the client session. mod_bosh does this too.
* | mod_http: Consider x-forwarded-proto from trusted proxiesKim Alvefur2021-02-181-0/+4
| | | | | | | | | | | | | | Should be better than setting consider_{bosh,websocket}_secure as that may end up causing actually insecure requests to be considered secure. Doing it here, as with IP, should make this apply to all HTTP modules.
* | Merge 0.11->trunkKim Alvefur2021-02-181-1/+1
|\|
| * mod_http: Skip IP resolution in non-proxied caseKim Alvefur2021-02-181-1/+1
| | | | | | | | | | Skips doing the whole get_ip_from_request() dance if the request isn't from a proxy at all, even if the client sent the header for some reason.
* | mod_csi_simple: Fire event when flushing queueKim Alvefur2021-02-161-0/+1
| | | | | | | | | | To let other plugins know and take some action, e.g. flushing other buffers or whatnot.
* | mod_csi_simple: Set session state to 'flushing' while doing soKim Alvefur2021-02-161-1/+3
| | | | | | | | May be useful for 3rd party modules.
* | Merge 0.11->trunkKim Alvefur2021-02-151-0/+1
|\|
| * mod_pep: Advertise base pubsub feature (fixes #1632)0.11.8Kim Alvefur2021-02-151-0/+1
| | | | | | | | | | Noticed while discussing feature discovery in Gajim Thanks lovetox
* | mod_http_file_share: Prevent attempt to upload again after completionKim Alvefur2021-02-131-0/+9
| |
* | mod_http_file_share: Support sending 100 ContinueKim Alvefur2021-02-131-0/+3
| | | | | | | | | | E.g. curl will ask for this when sending large uploads. Removes a delay while it waits for an error or go-agead.
* | mod_s2s: Clarify comment about unused TLS settingsKim Alvefur2021-02-061-1/+3
| | | | | | | | Ref 115b5e32d960
* | mod_admin_shell: Add help section with (top level) MUC commandsKim Alvefur2021-02-051-0/+6
| | | | | | | | These were previously only documented on the site.
* | mod_admin_shell: Pretty-print HTTP endpoints in a human tableKim Alvefur2021-02-031-1/+7
| | | | | | | | Attempted readability improvement
* | mod_admin_shell: Remove previous print() callKim Alvefur2021-02-031-1/+0
| | | | | | | | Accident involving Mercurial interactive commit
* | mod_admin_shell: List modules providing each HTTP endpointKim Alvefur2021-02-031-0/+3
| |
* | mod_admin_shell: List global HTTP endpoints by defaultKim Alvefur2021-02-031-2/+7
| | | | | | | | Trick copied from the module commands
* | mod_c2s: Reflect stream 'from' attribute back if set (fix #1625)Kim Alvefur2021-02-031-1/+1
| | | | | | | | Clients should *not* be setting this before TLS anyways.
* | mod_http_file_share: Collect cache hit/miss statistics for downloadsKim Alvefur2021-02-021-1/+5
| |
* | mod_http_file_share: Measure how long it takes to prune expired filesKim Alvefur2021-02-021-0/+3
| |
* | mod_http_file_share: Collect statistics of files uploadedKim Alvefur2021-02-021-0/+3
| |
* | mod_storage_sql: Implement map-like API for archivesKim Alvefur2021-02-011-0/+47
| | | | | | | | | | | | | | | | Used by mod_http_file_share, muc moderation, etc. Tests tweaked because they failed on stanza internals that happen becasue of re-serialization. Namespaces differ since inheritance is implicit when building but explicit after parsing.
* | adhoc.lib: Tweak to allow using util.error objectsKim Alvefur2021-01-311-1/+1
| | | | | | | | | | | | Since util.stanza supports util.error objects via duck-typing and adhoc errors look enough like util.error objects, they should able to pass as such. This will allow converting adhoc commands to use util.error.
* | mod_http_file_share: Reorder argumentsKim Alvefur2021-01-311-2/+2
| | | | | | | | | | 'filetype' is optional, so having it last seems sensible. 'slot' is pretty important, so moving it earlier seems sensible.
* | mod_http_file_share: Update cached value while it is reasonably freshKim Alvefur2021-01-311-5/+10
| | | | | | | | | | This should ensure that cache entries until the oldest file that counted to the last 24h becomes older than 24h.
* | mod_http_file_share: Cache quotas to avoid hitting storageKim Alvefur2021-01-311-2/+12
| |
* | mod_http_file_share: Split out some variables for later reuseKim Alvefur2021-01-311-1/+3
| |
* | mod_http_file_share: Add support for daily upload quotas.Kim Alvefur2021-01-311-0/+19
| | | | | | | | | | Daily instead of total quotas, should be more efficient to calculate. Still O(n), but a smaller n. Less affected by total retention period.
* | mod_http_file_share: Add missing semicolonKim Alvefur2021-01-311-1/+1
| | | | | | | | | | Last comma or semicolon isn't required but makes the diffs nicer once you add another item after it.
* | mod_http_file_share: Clarify log messageKim Alvefur2021-01-301-1/+1
| | | | | | | | | | No expired ... what? Could be inferred from the module logging it, but better to be explicit.
* | mod_tls: Ignore lack of STARTTLS offer only when s2s_require_encryption setKim Alvefur2021-01-291-1/+4
| |
* | mod_tls: Attempt STARTTLS even if not advertised as per RFC 7590Kim Alvefur2021-01-291-2/+6
| |
* | mod_mam: Remove obsolete 'queryid' attribute from iq-result (thanks paul)Kim Alvefur2021-01-291-1/+1
| | | | | | | | Mentioned in xmpp:xsf@muc.xmpp.org?join
* | mod_http_file_share: Indicate missing token via WWW-Authenticate headerKim Alvefur2021-01-291-0/+1
| |
* | mod_http_file_share: Clarify message about missing Authorization headerKim Alvefur2021-01-291-1/+1
| |
* | mod_http_file_share: Allow started uploads to complete after token expiredKim Alvefur2021-01-281-1/+1
| | | | | | | | | | | | | | Otherwise uploads taking longer than 5 minutes would be rejected on completion, and that's probably annoying. Thanks jonas’
* | mod_http_file_share: Serve configurable set of safe mime types inline ↵Kim Alvefur2021-01-281-1/+8
| | | | | | | | | | | | (thanks jonas’) Otherwise people complain about browser 'Save as' dialog.
* | mod_http_file_share: Cache file metadataKim Alvefur2021-01-281-9/+38
| | | | | | | | | | | | | | | | For faster access by avoiding archive ID. No benchmarks were harmed in the making of this commit. ... no benchmarks were performed at all.