Mercurial > prosody-modules
view mod_csi_compat/mod_csi_compat.lua @ 5548:fd3c12c40cd9
mod_http_oauth2: Disable CORS for authorization endpoint
Per recommendation in draft-ietf-oauth-security-topics-23
Hopefully it is enough to return an error status, since mod_http will
add CORS headers from a handler with higher priority, even for OPTIONS.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 16 Jun 2023 00:05:57 +0200 |
| parents | db8b256f51ff |
| children |
line wrap: on
line source
local st = require "util.stanza"; module:depends("csi"); module:add_feature("google:queue"); module:hook("iq-set/self/google:queue:query", function(event) local origin, stanza = event.origin, event.stanza; (origin.log or module._log)("debug", "Google queue invoked (CSI compat mode)") local payload = stanza:get_child("query", "google:queue"); if payload:get_child("enable") then module:fire_event("csi-client-inactive", event); elseif payload:get_child("disable") then module:fire_event("csi-client-active", event); end -- <flush/> is implemented as a noop, any IQ stanza would flush the queue anyways. origin.send(st.reply(stanza)); return true; end, 10);
