prosody-modules
3b30635d215c
mod_compat_dialback/README.markdown

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_compat_dialback/README.markdown @ 5425:3b30635d215c

mod_http_oauth2: Support granting zero role-scopes It seems Very Bad that if you uncheck all roles on the consent page, you get the default scopes, which seems the opposite of what you probably intended. Currently, mod_tokenauth will do the same thing, so work is needed there too to allow issuing tokens without roles. A token without a role could be used for OIDC login, and not much else. This seems like a valuable thing to support.
author Kim Alvefur <zash@zash.se>
date Sun, 07 May 2023 19:29:15 +0200
parent 1900:41ebdb331b94
line wrap: on
line source

---
summary: Workaround for Dialback with some servers that violate RFC 6120
...

This module provides a workaround for servers that do not set the `to`
attribute on stream headers, which is required per [RFC6120]:

> ## 4.7.2. to
> 
> For initial stream headers in both client-to-server and
> server-to-server communication, the initiating entity MUST include the
> 'to' attribute and MUST set its value to a domainpart that the
> initiating entity knows or expects the receiving entity to service.

As a side effect of [this issue](https://prosody.im/issues/issue/285),
Prosody 0.10 will be unable to do [Dialback][xep220] with servers that
don't follow this.

# Known servers affected

* Openfire 3.10.2 (and probably earlier versions)