prosody-modules: mod_s2s_whitelist/mod_s2s_whitelist.lua annotate

annotate mod_s2s_whitelist/mod_s2s_whitelist.lua @ 5518:d87d0e4a8516

mod_http_oauth2: Validate the OpenID 'prompt' parameter Without support for affecting the login and consent procedure, it seems sensible to inform the client that they can't change anything with this parameter.

author	Kim Alvefur <zash@zash.se>
date	Mon, 05 Jun 2023 22:19:17 +0200
parents	c1a8ce147885
children

rev	line source
1288 c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	1 local st = require "util.stanza";
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	2
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	3 local whitelist = module:get_option_inherited_set("s2s_whitelist", {});
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	4
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	5 module:hook("route/remote", function (event)
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	6 if not whitelist:contains(event.to_host) then
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	7 module:send(st.error_reply(event.stanza, "cancel", "not-allowed", "Communication with this domain is restricted"));
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	8 return true;
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	9 end
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	10 end, 100);
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	11
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	12 module:hook("s2s-stream-features", function (event)
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	13 if not whitelist:contains(event.origin.from_host) then
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	14 event.origin:close({
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	15 condition = "policy-violation";
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	16 text = "Communication with this domain is restricted";
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	17 });
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	18 end
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	19 end, 1000);