Mercurial > prosody-modules

view mod_host_blacklist/mod_host_blacklist.lua @ 5149:fa56ed2bacab

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_unified_push: Add support for multiple token backends, including stoage Now that we have ACLs by default, it is no longer necessary to be completely stateless. On 0.12, using storage has benefits over JWT, because it does not expose client JIDs to the push apps/services. In trunk, PASETO is stateless and does not expose client JIDs.
author Matthew Wild <mwild1@gmail.com>
date Sat, 14 Jan 2023 14:31:37 +0000
parents 547b3c05cc06
children
line wrap: on
line source

local jid_split = require "util.jid".split;
local st = require "util.stanza";
local set = require "util.set";
local select = select;

local blacklist = module:get_option_inherited_set("host_blacklist", {});

local function stanza_checker(attr)
	return function (event)
		local host = select(2, jid_split(event.stanza.attr[attr]));
		if blacklist:contains(host) then
			module:send(st.error_reply(event.stanza, "cancel", "not-allowed", "Communication with this domain is restricted"));
			return true;
		end
	end
end

check_incoming_stanza = stanza_checker("from");
check_outgoing_stanza = stanza_checker("to");

for stanza_type in set.new{"presence","message","iq"}:items() do
	for jid_type in set.new{"bare", "full", "host"}:items() do
		module:hook("pre-"..stanza_type.."/"..jid_type, check_outgoing_stanza, 500);
		module:hook(stanza_type.."/"..jid_type, check_incoming_stanza, 500);
	end
end