view mod_flash_policy/mod_flash_policy.lua @ 5170:4d6af8950016

mod_muc_moderation: Derive role from reserved nickname if occupant When using a different client to moderate than the one used to participate in the chat, e.g. a command line tool like clix, there's no occupant and no role to use in the permission check. Previously the default role based on affiliation was used. Now if you are present in the room using your reserved nick, the role you have there is used in the permission check instead of the default affiliation-derived role.
author Kim Alvefur <zash@zash.se>
date Sun, 19 Feb 2023 18:17:37 +0100
parents 7dbde05b48a9
children
line wrap: on
line source

local filters = require "util.filters";
local config = {}
config.file = module:get_option_string("crossdomain_file", "");
config.string = module:get_option_string("crossdomain_string", [[<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><site-control permitted-cross-domain-policies="master-only"/><allow-access-from domain="*" /></cross-domain-policy>]]);
local string = ''
if not config.file ~= '' then
	local f = assert(io.open(config.file));
	string = f:read("*all");
else
	string = config.string
end

module:log("debug", "crossdomain string: "..string);

module:set_global();

function filter_policy(data, session)
	-- Since we only want to check the first block of data, remove the filter
	filters.remove_filter(session, "bytes/in", filter_policy);
	if data == "<policy-file-request/>\0" then
		session.send(string.."\0");
		return nil; -- Drop data to prevent it reaching the XMPP parser
	else
		return data; -- Pass data through, it wasn't a policy request
	end

end

function filter_session(session)
	if session.type == "c2s_unauthed" then
		filters.add_filter(session, "bytes/in", filter_policy, -1);
	end
end

function module.load()
	filters.add_filter_hook(filter_session);
end

function module.unload()
	filters.remove_filter_hook(filter_session);
end