Mercurial > prosody-modules
view mod_muc_require_tos/README.markdown @ 5404:1087f697c3f3
mod_http_oauth2: Strip unknown extra fields from client registration
We shouldn't sign things we don't understand!
RFC 7591 section-2 states:
> The authorization server MUST ignore any client metadata sent by the
> client that it does not understand (for instance, by silently removing
> unknown metadata from the client's registration record during
> processing).
Prevents grandfathering in of unvalidated data that might become used
later, especially since the 'additionalProperties' schema keyword was
removed in 698fef74ce53
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 02 May 2023 16:23:40 +0200 |
| parents | 82dabfffaddf |
| children |
line wrap: on
line source
--- labels: - 'Stage-Alpha' summary: Require visitors to accept something before being allowed in a room ... # Introduction This module sends a message to visitors of a room, prompting them to accept or reject it. They get kicked if they reject it, and become members if they accept it. # Setup ```lua Component "rooms.example.org" "muc" modules_enabled = { "muc_require_tos"; } tos_welcome_message = "Please read and accept the TOS of this service: https://lurk.org/TOS.txt" tos_yes_message = "Thanks, and welcome here!" tos_no_message = "Too bad." ``` Compatibility ============= ----- ----- trunk Works ----- -----