File

mod_block_subscriptions/mod_block_subscriptions.lua @ 5512:1fbc8718bed6

mod_http_oauth2: Bind refresh tokens to client Prevent one OAuth client from using the refresh tokens issued to another client as required by RFC 6819 section 5.2.2.2 See also draft-ietf-oauth-security-topics-22 section 2.2.2 Thanks to OAuch for pointing out this issue
author Kim Alvefur <zash@zash.se>
date Fri, 02 Jun 2023 10:40:48 +0200
parent 773:107eb83aa732
line wrap: on
line source

local allowed_presence_types = { probe = true, unavailable = true };

function filter_presence(event)
	local stanza = event.stanza;
	local presence_type = stanza.attr.type;
	if presence_type == nil or allowed_presence_types[presence_type] then
		return;
	end
	return true; -- Drop
end

module:hook("pre-presence/bare", filter_presence, 200); -- Client sending
module:hook("presence/bare", filter_presence, 200); -- Client receiving