Mercurial > prosody-modules

view mod_compression_unsafe/README.markdown @ 5682:527c747711f3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Limit revocation to clients own tokens in strict mode RFC 7009 section 2.1 states: > The authorization server first validates the client credentials (in > case of a confidential client) and then verifies whether the token was > issued to the client making the revocation request. If this > validation fails, the request is refused and the client is informed of > the error by the authorization server as described below. The first part was already covered (in strict mode). This adds the later part using the hash of client_id recorded in 0860497152af It still seems weird to me that revoking a leaked token should not be allowed whoever might have discovered it, as that seems the responsible thing to do.
author Kim Alvefur <zash@zash.se>
date Sun, 29 Oct 2023 11:30:49 +0100
parents 4b7e6c01aa1c
children
line wrap: on
line source

**NOTE:** XMPP compression has unresolved [security concerns](https://mail.jabber.org/pipermail/standards/2014-October/029215.html),
and this module has been removed from Prosody and renamed.

While the bandwidth usage of XMPP isn't that much, compressing the data
sent to/from your server can give significant benefits to those on slow
connections, such as dial-up or mobile networks. Prosody supports
compression for client-to-server (if your client supports it) and
server-to-server streams using the mod\_compression plugin.

# Details

mod\_compression implements [XEP-0138], and supports the zlib compression
algorithm.

## Dependencies

The XMPP protocol specifies that all clients and servers supporting
compression must support the "zlib" compression method, and this is what
Prosody uses. However you will need to install zlib support for Lua on
your system. There are different ways of doing this depending on your
system. If in doubt whether it is installed correctly, the command
`lua -lzlib` in a console should open a Lua prompt with no errors.

Debian/Ubuntu
:   `apt-get install lua-zlib`

LuaRocks
:   `luarocks install lua-zlib`

Source
:   <https://github.com/brimworks/lua-zlib>

# Usage

``` lua
modules_enabled = {
    -- Other modules
    "compression_unsafe"; -- Enable mod_compression_unsafe
}
```

## Configuration

The compression level can be set using the `compression_level` option
which can be a number from 1 to 9. Higher compression levels will use
more resources but less bandwidth.

## Example

``` lua
modules_enabled = {
    -- Other modules
    "compression_unsafe"; -- Enable mod_compression_unsafe
}
 
compression_level = 5
```