Mercurial > prosody-modules
view mod_tlsfail/mod_tlsfail.lua @ 5548:fd3c12c40cd9
mod_http_oauth2: Disable CORS for authorization endpoint
Per recommendation in draft-ietf-oauth-security-topics-23
Hopefully it is enough to return an error status, since mod_http will
add CORS headers from a handler with higher priority, even for OPTIONS.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 16 Jun 2023 00:05:57 +0200 |
| parents | 7009e16192fa |
| children |
line wrap: on
line source
local st = require "util.stanza"; local xmlns_starttls = 'urn:ietf:params:xml:ns:xmpp-tls'; local starttls_attr = { xmlns = xmlns_starttls }; local s2s_feature = st.stanza("starttls", starttls_attr); local starttls_failure = st.stanza("failure", starttls_attr); module:hook("stream-features", function(event) local features = event.features; features:add_child(s2s_feature); end); module:hook("s2s-stream-features", function(event) local features = event.features; features:add_child(s2s_feature); end); -- Hook <starttls/> module:hook("stanza/urn:ietf:params:xml:ns:xmpp-tls:starttls", function(event) local origin = event.origin; (origin.sends2s or origin.send)(starttls_failure); origin:close(); return true; end);