Mercurial > prosody-modules
diff mod_external_services/mod_external_services.lua @ 4665:f0ffa8cf3ce6
mod_external_services: Validate required attributes on credentials requests
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 29 Aug 2021 23:26:19 +0200 |
| parents | 4841cf3fded5 |
| children | dbc7ba3cc27c |
line wrap: on
line diff
--- a/mod_external_services/mod_external_services.lua Wed Sep 01 22:41:27 2021 +0100 +++ b/mod_external_services/mod_external_services.lua Sun Aug 29 23:26:19 2021 +0200 @@ -168,7 +168,7 @@ local action = stanza.tags[1]; if origin.type ~= "c2s" then - origin.send(st.error_reply(stanza, "auth", "forbidden")); + origin.send(st.error_reply(stanza, "auth", "forbidden", "The 'port' and 'type' attributes are required.")); return true; end @@ -181,6 +181,11 @@ local requested_credentials = {}; for service in action:childtags("service") do + if not service.attr.type or not service.attr.host then + origin.send(st.error_reply(stanza, "modify", "bad-request")); + return true; + end + table.insert(requested_credentials, { type = service.attr.type; host = service.attr.host;