Software /
code /
prosody-modules
File
mod_sift/README.markdown @ 5819:93d6e9026c1b
mod_http_oauth2: Do not enforce PKCE on Device and OOB flows
PKCE does not appear to be used with the Device flow. I have found no
mention of any interaction between those standards. Since no data is
delivered via redirects in these cases, PKCE may not serve any purpose.
This is mostly a problem because we reuse the authorization code to
implement the Device and OOB flows.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 15 Dec 2023 12:10:07 +0100 |
parent | 2138:d3231a4d6a60 |
line wrap: on
line source
--- labels: - 'Stage-Alpha' summary: 'XEP-0273: Stanza Interception and Filtering Technology' ... Introduction ============ [SIFT][XEP-0273] is a technology to allow clients to filter incoming traffic on the server. This helps save bandwidth, etc. Compatibility ============= ----- ------- 0.7 Works ----- ------- Quirks ====== This implementation is a work in progress. - Stanzas to full JIDs get sifted correctly - Stanzas to bare JIDs are currently allowed/disallowed for all resources as a whole, and not for individual resources - Presence is only sent to available resources, and probes are not sent for unavailable reasources - This module currently does not interact with offline messages (filtered messages are dropped with an error reply) - Not tested with privacy lists