prosody-modules
d3ebaef1ea7a
mod_proxy65_whitelist/README.markdown

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_proxy65_whitelist/README.markdown @ 5264:d3ebaef1ea7a

mod_http_oauth2: Correctly verify OAuth client credentials on revocation Makes no sense to validate against username and password here, or using a token to revoke another token, or itself? In fact, upon further discussion, why do you need credentials to revoke a token? If you are not supposed to have the token, revoking it seems the most responsible thing to do with it, so it should be allowed, while if you are supposed to have it, you should be allowed to revoke it.
author Kim Alvefur <zash@zash.se>
date Tue, 21 Mar 2023 21:57:18 +0100
parent 1820:8de50be756e5
child 5923:694b62d8a82f
line wrap: on
line source

---
labels: 'Stage-Alpha'
summary: Limit which file transfer users can use
...

Introduction
------------

This module attempts to restrict use of non-whitelisted XEP-0065
proxies.

Configuration
-------------

Without any options, the module will restrict users to local [proxy65
components](https://prosody.im/doc/modules/mod_proxy65).

    -- additional proxies to allow
    allowed_streamhosts = { "proxy.eu.jabber.org" }

The module will add all local proxies to that list. To prevent it from
doing that, set

    allow_local_streamhosts = false