Mercurial > prosody-modules
view mod_flash_policy/mod_flash_policy.lua @ 5554:90449babaa48
mod_http_oauth2: Make allowed locales configurable
Explicit > Implicit
Instead of allowing anything after #, allow only the explicitly
configured locales to be used.
Default to empty list because using these is not supported yet.
This potentially limits the size of the client_id, which is already
quite large. Nothing prevents clients from registering a whole
client_id per locale, which would not require translation support on
this side.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 17 Jun 2023 19:03:32 +0200 |
parents | 7dbde05b48a9 |
children |
line wrap: on
line source
local filters = require "util.filters"; local config = {} config.file = module:get_option_string("crossdomain_file", ""); config.string = module:get_option_string("crossdomain_string", [[<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><site-control permitted-cross-domain-policies="master-only"/><allow-access-from domain="*" /></cross-domain-policy>]]); local string = '' if not config.file ~= '' then local f = assert(io.open(config.file)); string = f:read("*all"); else string = config.string end module:log("debug", "crossdomain string: "..string); module:set_global(); function filter_policy(data, session) -- Since we only want to check the first block of data, remove the filter filters.remove_filter(session, "bytes/in", filter_policy); if data == "<policy-file-request/>\0" then session.send(string.."\0"); return nil; -- Drop data to prevent it reaching the XMPP parser else return data; -- Pass data through, it wasn't a policy request end end function filter_session(session) if session.type == "c2s_unauthed" then filters.add_filter(session, "bytes/in", filter_policy, -1); end end function module.load() filters.add_filter_hook(filter_session); end function module.unload() filters.remove_filter_hook(filter_session); end