view mod_http_debug/README.md @ 5549:01a0b67a9afd

mod_http_oauth2: Add TODO about disabling password grant Per recommendation in draft-ietf-oauth-security-topics-23 it should at the very least be disabled by default. However since this is used by the Snikket web portal some care needs to be taken not to break this, unless it's already broken by other changes to this module.
author Kim Alvefur <zash@zash.se>
date Fri, 16 Jun 2023 00:06:53 +0200
parents 91564b57e595
children
line wrap: on
line source

---
summary: HTTP module returning info about requests for debugging
---

This module returns some info about HTTP requests as Prosody sees them
from an endpoint like `http://xmpp.example.net:5281/debug`.  This can be
used to validate [reverse-proxy configuration][doc:http] and similar use
cases.

# Example

```
$ curl -sSf  https://xmpp.example.net:5281/debug | json_pp
{
   "body" : "",
   "headers" : {
      "accept" : "*/*",
      "host" : "xmpp.example.net:5281",
      "user_agent" : "curl/7.74.0"
   },
   "httpversion" : "1.1",
   "id" : "jmFROQKoduU3",
   "ip" : "127.0.0.1",
   "method" : "GET",
   "path" : "/debug",
   "secure" : true,
   "url" : {
      "path" : "/debug"
   }
}
```

# Configuration

HTTP Methods handled can be configured via the `http_debug_methods`
setting. By default, the most common methods are already enabled.

```lua
http_debug_methods = { "GET"; "HEAD"; "DELETE"; "OPTIONS"; "PATCH"; "POST"; "PUT" };
```