view mod_s2s_whitelist/README.markdown @ 5512:1fbc8718bed6

mod_http_oauth2: Bind refresh tokens to client Prevent one OAuth client from using the refresh tokens issued to another client as required by RFC 6819 section 5.2.2.2 See also draft-ietf-oauth-security-topics-22 section 2.2.2 Thanks to OAuch for pointing out this issue
author Kim Alvefur <zash@zash.se>
date Fri, 02 Jun 2023 10:40:48 +0200
parents 313937349fbc
children
line wrap: on
line source

This module lets you block connections to any remote servers not on a
whitelist.

``` {.lua}
modules_enabled = {
    -- other modules --
    "s2s_whitelist",

}
s2s_whitelist = {
    "example.org",
}
```