Mercurial > prosody-modules
view mod_storage_memory/README.markdown @ 5404:1087f697c3f3
mod_http_oauth2: Strip unknown extra fields from client registration
We shouldn't sign things we don't understand!
RFC 7591 section-2 states:
> The authorization server MUST ignore any client metadata sent by the
> client that it does not understand (for instance, by silently removing
> unknown metadata from the client's registration record during
> processing).
Prevents grandfathering in of unvalidated data that might become used
later, especially since the 'additionalProperties' schema keyword was
removed in 698fef74ce53
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 02 May 2023 16:23:40 +0200 |
| parents | f5d4e23fa8f7 |
| children |
line wrap: on
line source
--- labels: - 'Stage-Merged' - 'Type-Storage' - ArchiveStorage summary: 'Simple memory-only storage module' ... Introduction ============ This module acts as a normal storage module for Prosody, but saves all data in memory only. All data is lost when the server stops. This makes it useful for testing, or certain specialized applications. Details ======= Because the accounts store will always begin empty, it is mostly useful combined with an authentication plugin which doesn't use Prosody's storage API, or with [mod\_auth\_any](mod_auth_any.html), or you can create user accounts manually each time the server starts. Compatibility ============= ----- ------- 0.9 Works ----- -------