mod_http_oauth2: Make note about handling repeated RFC 6749 states > If an authorization code is used more than once, the authorization > server MUST deny the request and SHOULD revoke (when possible) all > tokens previously issued based on that authorization code. We should follow the SHOULD. The MUST is already covered by removing the code state from the cache.

---
labels:
- 'Stage-Beta'
summary: 'XEP-0377: Spam Reporting'
---

This module is a very basic implementation of [XEP-0377: Spam Reporting].

When someone reports spam or abuse, a line about this is logged and an
event is fired so that other modules can act on the report.