Mercurial > prosody-modules
view mod_welcome_page/README.markdown @ 5548:fd3c12c40cd9
mod_http_oauth2: Disable CORS for authorization endpoint
Per recommendation in draft-ietf-oauth-security-topics-23
Hopefully it is enough to return an error status, since mod_http will
add CORS headers from a handler with higher priority, even for OPTIONS.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 16 Jun 2023 00:05:57 +0200 |
parents | 03a647d2837e |
children |
line wrap: on
line source
--- labels: - 'Stage-Beta' summary: 'Serve a welcome page to users' rockspec: dependencies: - mod_http_libjs build: copy_directories: - html ... Introduction ============ This module serves a welcome page to users, and allows them to create an account invite via the web on invite-only servers. The page template and policy of when to allow account creation are both possible to override. This module is part of the suite of modules that implement invite-based account registration for Prosody. The other modules are: - mod_invites - mod_invites_adhoc - mod_invites_page - mod_invites_register - mod_invites_register_web - mod_register_apps For details and a full overview, start with the mod_invites documentation. Configuration ======= `welcome_page_template_path` : The path to a directory containing the page templates and assets. See the module source for the example template. `welcome_page_variables` : Optional variables to pass to the template, available as `{var.name}` `welcome_page_open_registration` : Whether to allow account creation in the absence of any other plugin overriding the policy. Defaults to `false` unless `registration_invite_only` is set to `false`.