Mercurial > prosody-modules
view mod_firewall/scripts/spam-blocklists.pfw @ 5458:813fe4f76286
mod_http_oauth2: Do minimal validation of private-use URI schemes
Per draft-ietf-oauth-v2-1-08#section-2.3.1
> At a minimum, any private-use URI scheme that doesn't contain a period
> character (.) SHOULD be rejected.
Since this would rule out the OOB URI, which is useful for CLI tools and
such without a built-in http server, it is explicitly allowed.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 16 May 2023 22:18:12 +0200 |
parents | bebc5740fc16 |
children | d84757f9adcb |
line wrap: on
line source
# This script depends on spam-blocking.pfw also being loaded # Any traffic that is not explicitly blocked or allowed by other # rules will be checked against the JabberSPAM server blocklist %LIST blocklist: https://cdn.jsdelivr.net/gh/jabberspam/blacklist/blacklist.txt ::user/spam_handle_unknown_custom CHECK LIST: blocklist contains $<@from|host> BOUNCE=policy-violation (Your server is blocked due to spam)