Mercurial > prosody-modules
view mod_compat_dialback/README.markdown @ 5416:2393dbae51ed
mod_http_oauth2: Add option for specifying TTL of registered clients
Meant to simplify configuration, since TTL vs ignoring expiration is
expected to be the main thing one would want to configure.
Unsure what the implications of having unlimited lifetime of clients
are, given no way to revoke them currently, short of rotating the
signing secret.
On one hand, it would be annoying to have the client expire.
On the other hand, it is trivial to re-register it.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 04 May 2023 18:41:33 +0200 |
| parents | 41ebdb331b94 |
| children |
line wrap: on
line source
--- summary: Workaround for Dialback with some servers that violate RFC 6120 ... This module provides a workaround for servers that do not set the `to` attribute on stream headers, which is required per [RFC6120]: > ## 4.7.2. to > > For initial stream headers in both client-to-server and > server-to-server communication, the initiating entity MUST include the > 'to' attribute and MUST set its value to a domainpart that the > initiating entity knows or expects the receiving entity to service. As a side effect of [this issue](https://prosody.im/issues/issue/285), Prosody 0.10 will be unable to do [Dialback][xep220] with servers that don't follow this. # Known servers affected * Openfire 3.10.2 (and probably earlier versions)