Mercurial > prosody-modules
changeset 882:4939788a47ea
mod_vjud: Disallow searching from remote hosts by default in search-all-users mode
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 16 Dec 2012 12:51:34 +0100 |
| parents | 4b06d6c79b15 |
| children | bec0a995f5df |
| files | mod_vjud/mod_vjud.lua |
| diffstat | 1 files changed, 6 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_vjud/mod_vjud.lua Sun Dec 16 12:47:26 2012 +0100 +++ b/mod_vjud/mod_vjud.lua Sun Dec 16 12:51:34 2012 +0100 @@ -31,6 +31,7 @@ ]]; local search_mode = module:get_option_string("vjud_mode", "opt-in"); +local allow_remote = module:get_option_boolean("allow_remote_searches", search_mode ~= "all"); local base_host = module:get_option_string("vjud_search_domain", module:get_host_type() == "component" and module.host:gsub("^[^.]+%.","") @@ -68,6 +69,11 @@ module:hook("iq/host/jabber:iq:search:query", function(event) local origin, stanza = event.origin, event.stanza; + if not (allow_remote or origin.type == "c2s") then + origin.send(st.error_reply(stanza, "cancel", "not-allowed")) + return true; + end + if stanza.attr.type == "get" then origin.send(st.reply(stanza):add_child(get_reply)); else -- type == "set"