view mod_dwd/README.markdown @ 5956:97375a78d2b5

mod_http_oauth2: Reject URLs with 'userinfo' part (thanks mimi89999) The LuaSocket parser supports these but they're deprecated without replacement by RFC 3986 > Use of the format "user:password" in the userinfo field is deprecated Allowing it in OAuth2 URLs is probably bad from a security perspective.
author Kim Alvefur <zash@zash.se>
date Thu, 29 Aug 2024 16:02:46 +0200
parents 04e168063fc7
children
line wrap: on
line source

---
summary: 'Dialback-without-Dialback'
...

Introduction
============

This module implements an optimization of the Dialback protocol, by
skipping the dialback step for servers presenting a valid certificate.

Configuration
=============

Simply add the module to the `modules_enabled` list.

        modules_enabled = {
            ...
            "dwd";
        }

Compatibility
=============

  ------------------ --------------------------
  0.10               Built into mod\_dialback
  0.9 + LuaSec 0.5   Works
  0.8                Doesn't work
  ------------------ --------------------------