Software /
code /
prosody-modules
Changeset
4654:ea17cfcbffab
mod_http_upload: Prevent the module from starting without TLS
author | Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> |
---|---|
date | Wed, 25 Aug 2021 12:52:33 +0200 |
parents | 4653:2b6e8ce5fb30 |
children | 4655:7f61d89a594d |
files | mod_http_upload/mod_http_upload.lua |
diffstat | 1 files changed, 9 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_http_upload/mod_http_upload.lua Wed Aug 25 10:22:37 2021 +0200 +++ b/mod_http_upload/mod_http_upload.lua Wed Aug 25 12:52:33 2021 +0200 @@ -7,6 +7,14 @@ -- Implementation of HTTP Upload file transfer mechanism used by Conversations -- +-- depends +module:depends("http"); +module:depends("disco"); + +if module:http_url():match("^http://") then + error("File upload MUST happen with TLS but it isn’t enabled, see https://prosody.im/doc/http for how to fix this issue"); +end + -- imports local st = require"util.stanza"; local lfs = require"lfs"; @@ -47,10 +55,6 @@ module:log("warn", "mod_%s loaded on a user host, this may be incompatible with some client software, see docs for correct usage", module.name); end --- depends -module:depends("http"); -module:depends("disco"); - local http_files; if not pcall(function () @@ -198,11 +202,6 @@ module:log("debug", "Upload of %dB by %s would exceed quota", filesize, user_bare); return nil, st.error_reply(stanza, "wait", "resource-constraint", "Quota reached"); end - local base_url = module:http_url(); - if base_url:match("^http://") then - module:log("error", "File upload MUST happen with TLS but it isn’t enabled, see https://prosody.im/doc/http for how to fix this issue"); - return nil, st.error_reply(stanza, "wait", "internal-server-error", "HTTPS is not configured properly on the server"); - end local random_dir = uuid(); local created, err = lfs.mkdir(join_path(storage_path, random_dir)); @@ -230,6 +229,7 @@ origin.log("debug", "Given upload slot %q", slot); + local base_url = module:http_url(); local slot_url = url.parse(base_url); slot_url.path = url.parse_path(slot_url.path or "/"); t_insert(slot_url.path, random_dir);