mod_http_oauth2: Disable CORS for authorization endpoint Per recommendation in draft-ietf-oauth-security-topics-23 Hopefully it is enough to return an error status, since mod_http will add CORS headers from a handler with higher priority, even for OPTIONS.

---
summary: External Service Discovery
...

This module implementing [XEP-0215] is included with Prosody 0.12 but made available here for older versions.

Documentation is available on the [Prosody site][doc:modules:mod_external_services].