Mercurial > prosody-modules

view mod_blocking/README.markdown @ 5682:527c747711f3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Limit revocation to clients own tokens in strict mode RFC 7009 section 2.1 states: > The authorization server first validates the client credentials (in > case of a confidential client) and then verifies whether the token was > issued to the client making the revocation request. If this > validation fails, the request is refused and the client is informed of > the error by the authorization server as described below. The first part was already covered (in strict mode). This adds the later part using the hash of client_id recorded in 0860497152af It still seems weird to me that revoking a leaked token should not be allowed whoever might have discovered it, as that seems the responsible thing to do.
author Kim Alvefur <zash@zash.se>
date Sun, 29 Oct 2023 11:30:49 +0100
parents 836b36d8bfd2
children 51c08960cba3
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: 'XEP-0191: Simple Communications Blocking support'
...

Introduction
============

Privacy lists are a widely implemented protocol for instructing your
server on blocking communications with selected users and services.

However experience has shown that the power and flexibility of the
rule-based system that privacy lists allow is very often much more
complex than the user needs, and that in most cases a simple block on
all communications to or from a list of specified JIDs would suffice.

Such a protocol would also allow much simpler user interface design than
the current attempts at full privacy list interfaces.

Details
=======

Simple Communications Blocking was developed to solve the above issues,
and allows the client to manage a simple list of blocked JIDs. This
plugin implements support for that protocol in Prosody, however the
actual blocking is still managed by mod\_privacy, so it is **required**
for that plugin to be loaded (this may change in future).

An XEP-0191 implementation without dependency on mod\_privacy is
available in Prosody 0.10 as [mod\_blocklist][doc:modules:mod_blocklist].

Configuration
=============

Simply ensure that mod\_privacy (or [mod\_privacy\_lists] in 0.10+) and
mod\_blocking are loaded in your modules\_enabled list:

        modules_enabled = {
                        -- ...
                        "privacy", -- or privacy_lists in Prosody 0.10+
                        "blocking",
                        -- ...

Compatibility
=============

  ------ ---------------------------------------------
  0.10   Works but will conflict with mod\_blocklist
  0.9    Works
  0.8    Works
  0.7    Works
  0.6    Doesn't work
  ------ ---------------------------------------------