Mercurial > prosody-modules
view mod_compat_dialback/README.markdown @ 5186:fa3059e653fa
mod_http_oauth2: Implement the Implicit flow
Everyone says this is insecure and bad, but it's also the only thing
that makes sense for e.g. pure JavaScript clients, but hey implement
this even more complicated thing instead!
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 02 Mar 2023 22:06:50 +0100 |
| parents | 41ebdb331b94 |
| children |
line wrap: on
line source
--- summary: Workaround for Dialback with some servers that violate RFC 6120 ... This module provides a workaround for servers that do not set the `to` attribute on stream headers, which is required per [RFC6120]: > ## 4.7.2. to > > For initial stream headers in both client-to-server and > server-to-server communication, the initiating entity MUST include the > 'to' attribute and MUST set its value to a domainpart that the > initiating entity knows or expects the receiving entity to service. As a side effect of [this issue](https://prosody.im/issues/issue/285), Prosody 0.10 will be unable to do [Dialback][xep220] with servers that don't follow this. # Known servers affected * Openfire 3.10.2 (and probably earlier versions)