Mercurial > prosody-modules
view mod_audit_status/README.md @ 5404:1087f697c3f3
mod_http_oauth2: Strip unknown extra fields from client registration
We shouldn't sign things we don't understand!
RFC 7591 section-2 states:
> The authorization server MUST ignore any client metadata sent by the
> client that it does not understand (for instance, by silently removing
> unknown metadata from the client's registration record during
> processing).
Prevents grandfathering in of unvalidated data that might become used
later, especially since the 'additionalProperties' schema keyword was
removed in 698fef74ce53
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 02 May 2023 16:23:40 +0200 |
parents | c450dbf6c0fa |
children |
line wrap: on
line source
--- summary: Log server status changes to audit log rockspec: {} ... This module records server status (start, stop, crash) to the audit log maintained by [mod_audit]. ## Configuration There is a single option, `audit_status_heartbeat_interval` which specifies the interval at which the "server is running" heartbeat should be updated (it is stored in Prosody's configured storage backend). To detect crashes, Prosody periodically updates this value at the specified interval. A low value will update more frequently, which causes additional I/O for Prosody. A high value will give less accurate timestamps for "server crashed" events in the audit log. The default value is 60 (seconds). ```lua audit_status_heartbeat_interval = 60 ``` ## Compatibility This module requires Prosody trunk (as of April 2023). It is not compatible with 0.12.