mod_http_oauth2: Make note about handling repeated RFC 6749 states > If an authorization code is used more than once, the authorization > server MUST deny the request and SHOULD revoke (when possible) all > tokens previously issued based on that authorization code. We should follow the SHOULD. The MUST is already covered by removing the code state from the cache.

# Strip XHTML-IM from messages received from strangers

::user/spam_check_message_custom

STRIP=html http://jabber.org/protocol/xhtml-im