Mercurial > prosody-modules
view mod_strict_https/mod_strict_https.lua @ 4738:5aee8d86629a
mod_bookmarks2: Fix handling of nick and password elements
This form of child retrieval fails when the stanza elements internally
don't have an 'xmlns' attribute, which can happen sometimes for some
reason, including when they have been constructed via the stanza builder
API. When that is the case then the explicit namespace arguemnt does not
match the nil value of the internal attribute. Calling `:get_child()`
without the namespace argument does the right thing here, with both nil
and the parent namespace as valid values for the internal attribute.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Wed, 03 Nov 2021 21:11:55 +0100 |
parents | efa9c1676d1f |
children | b3158647cb36 |
line wrap: on
line source
-- HTTP Strict Transport Security -- https://tools.ietf.org/html/rfc6797 module:set_global(); local http_server = require "net.http.server"; local hsts_header = module:get_option_string("hsts_header", "max-age=31556952"); -- This means "Don't even try to access without HTTPS for a year" local _old_send_response; local _old_fire_event; local modules = {}; function module.load() _old_send_response = http_server.send_response; function http_server.send_response(response, body) response.headers.strict_transport_security = hsts_header; return _old_send_response(response, body); end _old_fire_event = http_server._events.fire_event; function http_server._events.fire_event(event, payload) local request = payload.request; local host = event:match("^[A-Z]+ ([^/]+)"); local module = modules[host]; if module and not request.secure then payload.response.headers.location = module:http_url(request.path); return 301; end return _old_fire_event(event, payload); end end function module.unload() http_server.send_response = _old_send_response; http_server._events.fire_event = _old_fire_event; end function module.add_host(module) local http_host = module:get_option_string("http_host", module.host); modules[http_host] = module; function module.unload() modules[http_host] = nil; end end