Software / code / prosody
Annotate
plugins/mod_http.lua @ 12181:783056b4e448 0.11 0.11.12
util.xml: Do not allow doctypes, comments or processing instructions
Yes. This is as bad as it sounds. CVE pending.
In Prosody itself, this only affects mod_websocket, which uses util.xml
to parse the <open/> frame, thus allowing unauthenticated remote DoS
using Billion Laughs. However, third-party modules using util.xml may
also be affected by this.
This commit installs handlers which disallow the use of doctype
declarations and processing instructions without any escape hatch. It,
by default, also introduces such a handler for comments, however, there
is a way to enable comments nontheless.
This is because util.xml is used to parse human-facing data, where
comments are generally a desirable feature, and also because comments
are generally harmless.
| author | Jonas Schäfer <jonas@wielicki.name> |
|---|---|
| date | Mon, 10 Jan 2022 18:23:54 +0100 |
| parent | 11407:8d6e013377fa |
| child | 11408:1b6298e7b550 |
| rev | line source |
|---|---|
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
1 -- Prosody IM |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
2 -- Copyright (C) 2008-2012 Matthew Wild |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
3 -- Copyright (C) 2008-2012 Waqas Hussain |
|
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5427
diff
changeset
|
4 -- |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
5 -- This project is MIT/X11 licensed. Please see the |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
6 -- COPYING file in the source package for more information. |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
7 -- |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
8 |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
9 module:set_global(); |
|
4774
b2ed4e1bcb6e
mod_http: Depend on mod_http_errors
Matthew Wild <mwild1@gmail.com>
parents:
4736
diff
changeset
|
10 module:depends("http_errors"); |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
11 |
| 5374 | 12 local portmanager = require "core.portmanager"; |
|
4892
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
13 local moduleapi = require "core.moduleapi"; |
|
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
14 local url_parse = require "socket.url".parse; |
|
5093
1ce9e8068dda
mod_http: Rework how module:http_url() builds the url.
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
15 local url_build = require "socket.url".build; |
|
9504
cfbea3064aa9
mod_http: Move normalize_path to util.http
Kim Alvefur <zash@zash.se>
parents:
9503
diff
changeset
|
16 local normalize_path = require "util.http".normalize_path; |
|
4892
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
17 |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
18 local server = require "net.http.server"; |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
19 |
|
4736
3514338c59c3
net.http.server, mod_http: Support http_default_host config option to specify where to direct requests for unknown HTTP vhosts
Matthew Wild <mwild1@gmail.com>
parents:
4724
diff
changeset
|
20 server.set_default_host(module:get_option_string("http_default_host")); |
|
3514338c59c3
net.http.server, mod_http: Support http_default_host config option to specify where to direct requests for unknown HTTP vhosts
Matthew Wild <mwild1@gmail.com>
parents:
4724
diff
changeset
|
21 |
|
7580
588ed6451984
mod_http: Allow configuring http parser size limits
Kim Alvefur <zash@zash.se>
parents:
6598
diff
changeset
|
22 server.set_option("body_size_limit", module:get_option_number("http_max_content_size")); |
|
588ed6451984
mod_http: Allow configuring http parser size limits
Kim Alvefur <zash@zash.se>
parents:
6598
diff
changeset
|
23 server.set_option("buffer_size_limit", module:get_option_number("http_max_buffer_size")); |
|
588ed6451984
mod_http: Allow configuring http parser size limits
Kim Alvefur <zash@zash.se>
parents:
6598
diff
changeset
|
24 |
|
4667
d0cfc49f3f2b
mod_http: Support for default_path in apps
Matthew Wild <mwild1@gmail.com>
parents:
4664
diff
changeset
|
25 local function get_http_event(host, app_path, key) |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
26 local method, path = key:match("^(%S+)%s+(.+)$"); |
|
4721
1c6c4c53f08a
mod_http: Routes now require a method to be specified, but the path has become optional (defaults to the base path with no trailing '/'
Matthew Wild <mwild1@gmail.com>
parents:
4720
diff
changeset
|
27 if not method then -- No path specified, default to "" (base path) |
|
1c6c4c53f08a
mod_http: Routes now require a method to be specified, but the path has become optional (defaults to the base path with no trailing '/'
Matthew Wild <mwild1@gmail.com>
parents:
4720
diff
changeset
|
28 method, path = key, ""; |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
29 end |
|
4721
1c6c4c53f08a
mod_http: Routes now require a method to be specified, but the path has become optional (defaults to the base path with no trailing '/'
Matthew Wild <mwild1@gmail.com>
parents:
4720
diff
changeset
|
30 if method:sub(1,1) == "/" then |
|
1c6c4c53f08a
mod_http: Routes now require a method to be specified, but the path has become optional (defaults to the base path with no trailing '/'
Matthew Wild <mwild1@gmail.com>
parents:
4720
diff
changeset
|
31 return nil; |
|
1c6c4c53f08a
mod_http: Routes now require a method to be specified, but the path has become optional (defaults to the base path with no trailing '/'
Matthew Wild <mwild1@gmail.com>
parents:
4720
diff
changeset
|
32 end |
|
5092
a89f8f2f2943
mod_http: Don't produce paths with double / if a module is set to serve /
Kim Alvefur <zash@zash.se>
parents:
4915
diff
changeset
|
33 if app_path == "/" and path:sub(1,1) == "/" then |
|
a89f8f2f2943
mod_http: Don't produce paths with double / if a module is set to serve /
Kim Alvefur <zash@zash.se>
parents:
4915
diff
changeset
|
34 app_path = ""; |
|
a89f8f2f2943
mod_http: Don't produce paths with double / if a module is set to serve /
Kim Alvefur <zash@zash.se>
parents:
4915
diff
changeset
|
35 end |
|
9376
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
36 if host == "*" then |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
37 return method:upper().." "..app_path..path; |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
38 else |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
39 return method:upper().." "..host..app_path..path; |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
40 end |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
41 end |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
42 |
|
4702
5a85e541de1a
mod_http: Switch to single option for specifying HTTP app bases, http_paths. Keys are app/module names, values are base paths.
Matthew Wild <mwild1@gmail.com>
parents:
4696
diff
changeset
|
43 local function get_base_path(host_module, app_name, default_app_path) |
|
5332
5b73ac268a9e
mod_http: Expand $host in http_paths
Kim Alvefur <zash@zash.se>
parents:
5230
diff
changeset
|
44 return (normalize_path(host_module:get_option("http_paths", {})[app_name] -- Host |
|
4702
5a85e541de1a
mod_http: Switch to single option for specifying HTTP app bases, http_paths. Keys are app/module names, values are base paths.
Matthew Wild <mwild1@gmail.com>
parents:
4696
diff
changeset
|
45 or module:get_option("http_paths", {})[app_name] -- Global |
|
5332
5b73ac268a9e
mod_http: Expand $host in http_paths
Kim Alvefur <zash@zash.se>
parents:
5230
diff
changeset
|
46 or default_app_path)) -- Default |
|
6025
583e5c1365fe
mod_http: Use hostname from the correct context (thanks gryffus)
Kim Alvefur <zash@zash.se>
parents:
5427
diff
changeset
|
47 :gsub("%$(%w+)", { host = host_module.host }); |
|
4892
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
48 end |
|
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
49 |
|
6504
e1659f32852e
mod_http: For URLs that end with / or wildcard handlers, add a low-priority redirect from without to with slash
Kim Alvefur <zash@zash.se>
parents:
6086
diff
changeset
|
50 local function redir_handler(event) |
|
e1659f32852e
mod_http: For URLs that end with / or wildcard handlers, add a low-priority redirect from without to with slash
Kim Alvefur <zash@zash.se>
parents:
6086
diff
changeset
|
51 event.response.headers.location = event.request.path.."/"; |
|
7518
829ebe806e82
mod_http: Fix indentation in redir_handler
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7359
diff
changeset
|
52 if event.request.url.query then |
|
829ebe806e82
mod_http: Fix indentation in redir_handler
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7359
diff
changeset
|
53 event.response.headers.location = event.response.headers.location .. "?" .. event.request.url.query |
|
829ebe806e82
mod_http: Fix indentation in redir_handler
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7359
diff
changeset
|
54 end |
|
6504
e1659f32852e
mod_http: For URLs that end with / or wildcard handlers, add a low-priority redirect from without to with slash
Kim Alvefur <zash@zash.se>
parents:
6086
diff
changeset
|
55 return 301; |
|
e1659f32852e
mod_http: For URLs that end with / or wildcard handlers, add a low-priority redirect from without to with slash
Kim Alvefur <zash@zash.se>
parents:
6086
diff
changeset
|
56 end |
|
e1659f32852e
mod_http: For URLs that end with / or wildcard handlers, add a low-priority redirect from without to with slash
Kim Alvefur <zash@zash.se>
parents:
6086
diff
changeset
|
57 |
|
5093
1ce9e8068dda
mod_http: Rework how module:http_url() builds the url.
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
58 local ports_by_scheme = { http = 80, https = 443, }; |
|
1ce9e8068dda
mod_http: Rework how module:http_url() builds the url.
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
59 |
|
4892
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
60 -- Helper to deduce a module's external URL |
|
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
61 function moduleapi.http_url(module, app_name, default_path) |
|
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
62 app_name = app_name or (module.name:gsub("^http_", "")); |
|
5183
8461e8ed7c09
mod_http: Rename variable for clarity
Matthew Wild <mwild1@gmail.com>
parents:
5180
diff
changeset
|
63 local external_url = url_parse(module:get_option_string("http_external_url")) or {}; |
|
6026
8a8be471ec72
mod_http: Fix http_external_url setting without an explicit port
Kim Alvefur <zash@zash.se>
parents:
6025
diff
changeset
|
64 if external_url.scheme and external_url.port == nil then |
|
8a8be471ec72
mod_http: Fix http_external_url setting without an explicit port
Kim Alvefur <zash@zash.se>
parents:
6025
diff
changeset
|
65 external_url.port = ports_by_scheme[external_url.scheme]; |
|
8a8be471ec72
mod_http: Fix http_external_url setting without an explicit port
Kim Alvefur <zash@zash.se>
parents:
6025
diff
changeset
|
66 end |
|
4892
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
67 local services = portmanager.get_active_services(); |
|
4915
3fbc01d1fc5a
mod_http: Fix traceback when no HTTP services succeed in binding
Matthew Wild <mwild1@gmail.com>
parents:
4911
diff
changeset
|
68 local http_services = services:get("https") or services:get("http") or {}; |
|
8969
48d0b908f8b6
mod_http: Silecence harmless warnings
Kim Alvefur <zash@zash.se>
parents:
8596
diff
changeset
|
69 for interface, ports in pairs(http_services) do -- luacheck: ignore 213/interface |
|
8970
75c3b1bd9d7b
mod_http: Rename loop variable to avoid name clash [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8969
diff
changeset
|
70 for port, service in pairs(ports) do -- luacheck: ignore 512 |
|
5093
1ce9e8068dda
mod_http: Rework how module:http_url() builds the url.
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
71 local url = { |
|
8970
75c3b1bd9d7b
mod_http: Rename loop variable to avoid name clash [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8969
diff
changeset
|
72 scheme = (external_url.scheme or service[1].service.name); |
|
5190
76c73bd3d483
mod_http: Make module:http_url() aware of http_host
Kim Alvefur <zash@zash.se>
parents:
5183
diff
changeset
|
73 host = (external_url.host or module:get_option_string("http_host", module.host)); |
|
5183
8461e8ed7c09
mod_http: Rename variable for clarity
Matthew Wild <mwild1@gmail.com>
parents:
5180
diff
changeset
|
74 port = tonumber(external_url.port) or port or 80; |
|
9502
09e7b0048ebe
mod_http: Make sure path from http_external_url always ends with a slash (fixes #1183)
Kim Alvefur <zash@zash.se>
parents:
7867
diff
changeset
|
75 path = normalize_path(external_url.path or "/", true).. |
|
5093
1ce9e8068dda
mod_http: Rework how module:http_url() builds the url.
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
76 (get_base_path(module, app_name, default_path or "/"..app_name):sub(2)); |
|
1ce9e8068dda
mod_http: Rework how module:http_url() builds the url.
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
77 } |
|
1ce9e8068dda
mod_http: Rework how module:http_url() builds the url.
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
78 if ports_by_scheme[url.scheme] == url.port then url.port = nil end |
|
1ce9e8068dda
mod_http: Rework how module:http_url() builds the url.
Kim Alvefur <zash@zash.se>
parents:
5092
diff
changeset
|
79 return url_build(url); |
|
4892
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
80 end |
|
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
81 end |
|
6598
4b4852c4f96a
mod_http: Return a static string from module:http_url() when no ports are enabled and log a warning
Kim Alvefur <zash@zash.se>
parents:
6597
diff
changeset
|
82 module:log("warn", "No http ports enabled, can't generate an external URL"); |
|
4b4852c4f96a
mod_http: Return a static string from module:http_url() when no ports are enabled and log a warning
Kim Alvefur <zash@zash.se>
parents:
6597
diff
changeset
|
83 return "http://disabled.invalid/"; |
|
4702
5a85e541de1a
mod_http: Switch to single option for specifying HTTP app bases, http_paths. Keys are app/module names, values are base paths.
Matthew Wild <mwild1@gmail.com>
parents:
4696
diff
changeset
|
84 end |
|
5a85e541de1a
mod_http: Switch to single option for specifying HTTP app bases, http_paths. Keys are app/module names, values are base paths.
Matthew Wild <mwild1@gmail.com>
parents:
4696
diff
changeset
|
85 |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
86 function module.add_host(module) |
|
9376
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
87 local host = module.host; |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
88 if host ~= "*" then |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
89 host = module:get_option_string("http_host", host); |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
90 end |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
91 local apps = {}; |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
92 module.environment.apps = apps; |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
93 local function http_app_added(event) |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
94 local app_name = event.item.name; |
|
4667
d0cfc49f3f2b
mod_http: Support for default_path in apps
Matthew Wild <mwild1@gmail.com>
parents:
4664
diff
changeset
|
95 local default_app_path = event.item.default_path or "/"..app_name; |
|
4892
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
96 local app_path = get_base_path(module, app_name, default_app_path); |
|
6c8074f47ca4
mod_http: Add module:http_url([app_name,][default_path]) for a module to get a guess at its external URL
Matthew Wild <mwild1@gmail.com>
parents:
4774
diff
changeset
|
97 if not app_name then |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
98 -- TODO: Link to docs |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
99 module:log("error", "HTTP app has no 'name', add one or use module:provides('http', app)"); |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
100 return; |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
101 end |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
102 apps[app_name] = apps[app_name] or {}; |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
103 local app_handlers = apps[app_name]; |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
104 for key, handler in pairs(event.item.route or {}) do |
|
4667
d0cfc49f3f2b
mod_http: Support for default_path in apps
Matthew Wild <mwild1@gmail.com>
parents:
4664
diff
changeset
|
105 local event_name = get_http_event(host, app_path, key); |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
106 if event_name then |
|
4724
a8c234332258
mod_http: Allow a route value to be static data rather than a handler function
Matthew Wild <mwild1@gmail.com>
parents:
4721
diff
changeset
|
107 if type(handler) ~= "function" then |
|
a8c234332258
mod_http: Allow a route value to be static data rather than a handler function
Matthew Wild <mwild1@gmail.com>
parents:
4721
diff
changeset
|
108 local data = handler; |
|
a8c234332258
mod_http: Allow a route value to be static data rather than a handler function
Matthew Wild <mwild1@gmail.com>
parents:
4721
diff
changeset
|
109 handler = function () return data; end |
|
a8c234332258
mod_http: Allow a route value to be static data rather than a handler function
Matthew Wild <mwild1@gmail.com>
parents:
4721
diff
changeset
|
110 elseif event_name:sub(-2, -1) == "/*" then |
|
5230
6f5640375358
mod_http: Fix path length pattern
Kim Alvefur <zash@zash.se>
parents:
5204
diff
changeset
|
111 local base_path_len = #event_name:match("/.+$"); |
|
4669
0e0a72679f77
mod_http: Pass portion of path that matched wildcard to wildcard handlers, as a second parameter
Matthew Wild <mwild1@gmail.com>
parents:
4667
diff
changeset
|
112 local _handler = handler; |
|
8972
0b254439d451
mod_http: Rename argument to avoid name clash with outer scope [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8971
diff
changeset
|
113 handler = function (_event) |
|
0b254439d451
mod_http: Rename argument to avoid name clash with outer scope [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8971
diff
changeset
|
114 local path = _event.request.path:sub(base_path_len); |
|
0b254439d451
mod_http: Rename argument to avoid name clash with outer scope [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8971
diff
changeset
|
115 return _handler(_event, path); |
|
4669
0e0a72679f77
mod_http: Pass portion of path that matched wildcard to wildcard handlers, as a second parameter
Matthew Wild <mwild1@gmail.com>
parents:
4667
diff
changeset
|
116 end; |
|
6504
e1659f32852e
mod_http: For URLs that end with / or wildcard handlers, add a low-priority redirect from without to with slash
Kim Alvefur <zash@zash.se>
parents:
6086
diff
changeset
|
117 module:hook_object_event(server, event_name:sub(1, -3), redir_handler, -1); |
|
e1659f32852e
mod_http: For URLs that end with / or wildcard handlers, add a low-priority redirect from without to with slash
Kim Alvefur <zash@zash.se>
parents:
6086
diff
changeset
|
118 elseif event_name:sub(-1, -1) == "/" then |
|
e1659f32852e
mod_http: For URLs that end with / or wildcard handlers, add a low-priority redirect from without to with slash
Kim Alvefur <zash@zash.se>
parents:
6086
diff
changeset
|
119 module:hook_object_event(server, event_name:sub(1, -2), redir_handler, -1); |
|
4669
0e0a72679f77
mod_http: Pass portion of path that matched wildcard to wildcard handlers, as a second parameter
Matthew Wild <mwild1@gmail.com>
parents:
4667
diff
changeset
|
120 end |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
121 if not app_handlers[event_name] then |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
122 app_handlers[event_name] = handler; |
|
4696
4700e318add1
mod_http: Use module:hook/unhook_event_object() so that handlers get unregistered if mod_http is unloaded
Matthew Wild <mwild1@gmail.com>
parents:
4678
diff
changeset
|
123 module:hook_object_event(server, event_name, handler); |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
124 else |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
125 module:log("warn", "App %s added handler twice for '%s', ignoring", app_name, event_name); |
|
4636
41983ec223f0
mod_http: Include handlers of non-global modules.
Waqas Hussain <waqas20@gmail.com>
parents:
4635
diff
changeset
|
126 end |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
127 else |
|
7359
a5a080c12c96
Update every link to the documentation to use HTTPS
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
7247
diff
changeset
|
128 module:log("error", "Invalid route in %s, %q. See https://prosody.im/doc/developers/http#routes", app_name, key); |
|
4636
41983ec223f0
mod_http: Include handlers of non-global modules.
Waqas Hussain <waqas20@gmail.com>
parents:
4635
diff
changeset
|
129 end |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
130 end |
|
6597
321321f566fb
mod_http: Log a debug message when adding new http apps and warn if no http ports are enabled
Kim Alvefur <zash@zash.se>
parents:
6596
diff
changeset
|
131 local services = portmanager.get_active_services(); |
|
321321f566fb
mod_http: Log a debug message when adding new http apps and warn if no http ports are enabled
Kim Alvefur <zash@zash.se>
parents:
6596
diff
changeset
|
132 if services:get("https") or services:get("http") then |
|
321321f566fb
mod_http: Log a debug message when adding new http apps and warn if no http ports are enabled
Kim Alvefur <zash@zash.se>
parents:
6596
diff
changeset
|
133 module:log("debug", "Serving '%s' at %s", app_name, module:http_url(app_name, app_path)); |
|
321321f566fb
mod_http: Log a debug message when adding new http apps and warn if no http ports are enabled
Kim Alvefur <zash@zash.se>
parents:
6596
diff
changeset
|
134 else |
|
321321f566fb
mod_http: Log a debug message when adding new http apps and warn if no http ports are enabled
Kim Alvefur <zash@zash.se>
parents:
6596
diff
changeset
|
135 module:log("warn", "Not listening on any ports, '%s' will be unreachable", app_name); |
|
321321f566fb
mod_http: Log a debug message when adding new http apps and warn if no http ports are enabled
Kim Alvefur <zash@zash.se>
parents:
6596
diff
changeset
|
136 end |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
137 end |
|
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5427
diff
changeset
|
138 |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
139 local function http_app_removed(event) |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
140 local app_handlers = apps[event.item.name]; |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
141 apps[event.item.name] = nil; |
|
8971
e59207c909c0
mod_http: Rename loop variable to avoid name clash [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8970
diff
changeset
|
142 for event_name, handler in pairs(app_handlers) do |
|
e59207c909c0
mod_http: Rename loop variable to avoid name clash [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8970
diff
changeset
|
143 module:unhook_object_event(server, event_name, handler); |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
144 end |
|
4636
41983ec223f0
mod_http: Include handlers of non-global modules.
Waqas Hussain <waqas20@gmail.com>
parents:
4635
diff
changeset
|
145 end |
|
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5427
diff
changeset
|
146 |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
147 module:handle_items("http-provider", http_app_added, http_app_removed); |
|
4736
3514338c59c3
net.http.server, mod_http: Support http_default_host config option to specify where to direct requests for unknown HTTP vhosts
Matthew Wild <mwild1@gmail.com>
parents:
4724
diff
changeset
|
148 |
|
9376
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
149 if host ~= "*" then |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
150 server.add_host(host); |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
151 function module.unload() |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
152 server.remove_host(host); |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
153 end |
|
4736
3514338c59c3
net.http.server, mod_http: Support http_default_host config option to specify where to direct requests for unknown HTTP vhosts
Matthew Wild <mwild1@gmail.com>
parents:
4724
diff
changeset
|
154 end |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
155 end |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
156 |
|
9376
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
157 module.add_host(module); -- set up handling on global context too |
|
220468f7a103
mod_http: Support global HTTP modules
Kim Alvefur <zash@zash.se>
parents:
9338
diff
changeset
|
158 |
|
8594
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
159 local trusted_proxies = module:get_option_set("trusted_proxies", { "127.0.0.1", "::1" })._items; |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
160 |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
161 local function get_ip_from_request(request) |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
162 local ip = request.conn:ip(); |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
163 local forwarded_for = request.headers.x_forwarded_for; |
|
11407
8d6e013377fa
mod_http: Restore ip field for requests without proxies
Kim Alvefur <zash@zash.se>
parents:
11386
diff
changeset
|
164 if forwarded_for and trusted_proxies[ip] then |
|
8594
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
165 forwarded_for = forwarded_for..", "..ip; |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
166 for forwarded_ip in forwarded_for:gmatch("[^%s,]+") do |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
167 if not trusted_proxies[forwarded_ip] then |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
168 ip = forwarded_ip; |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
169 end |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
170 end |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
171 end |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
172 return ip; |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
173 end |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
174 |
|
8596
71da54c7f797
mod_http: Pass util.events object to API, fixes traceback
Kim Alvefur <zash@zash.se>
parents:
8594
diff
changeset
|
175 module:wrap_object_event(server._events, false, function (handlers, event_name, event_data) |
|
8594
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
176 local request = event_data.request; |
|
11407
8d6e013377fa
mod_http: Restore ip field for requests without proxies
Kim Alvefur <zash@zash.se>
parents:
11386
diff
changeset
|
177 if request then |
|
8594
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
178 -- Not included in eg http-error events |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
179 request.ip = get_ip_from_request(request); |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
180 end |
|
9338
9beb767295d4
Revert 2dc7490899ae::5d6b252bc36f: Unfinished and broken
Kim Alvefur <zash@zash.se>
parents:
9336
diff
changeset
|
181 return handlers(event_name, event_data); |
|
8594
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
182 end); |
|
b4a0bc46c82d
mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) (fixes #540)
Kim Alvefur <zash@zash.se>
parents:
7868
diff
changeset
|
183 |
|
5120
bcabea740c00
mod_{admin_telnet,c2s,component,http,net_multiplex,s2s}: Use module:provides() instead of module:add_item().
Waqas Hussain <waqas20@gmail.com>
parents:
5093
diff
changeset
|
184 module:provides("net", { |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
185 name = "http"; |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
186 listener = server.listener; |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
187 default_port = 5280; |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
188 multiplex = { |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
189 pattern = "^[A-Z]"; |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
190 }; |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
191 }); |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
192 |
|
5120
bcabea740c00
mod_{admin_telnet,c2s,component,http,net_multiplex,s2s}: Use module:provides() instead of module:add_item().
Waqas Hussain <waqas20@gmail.com>
parents:
5093
diff
changeset
|
193 module:provides("net", { |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
194 name = "https"; |
|
4664
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
195 listener = server.listener; |
|
7438b3c68576
mod_http: Revamp module for new API and config
Matthew Wild <mwild1@gmail.com>
parents:
4636
diff
changeset
|
196 default_port = 5281; |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
197 encryption = "ssl"; |
|
6086
3b4fde51fa25
mod_http: Update to disable peer verification with the new certmanager
Kim Alvefur <zash@zash.se>
parents:
6027
diff
changeset
|
198 ssl_config = { |
|
7867
194f540e13e2
util.sslconfig: Remvoe flag merging for 'verify' as this is more of a tri-state field than a set of options
Kim Alvefur <zash@zash.se>
parents:
7581
diff
changeset
|
199 verify = "none"; |
|
6086
3b4fde51fa25
mod_http: Update to disable peer verification with the new certmanager
Kim Alvefur <zash@zash.se>
parents:
6027
diff
changeset
|
200 }; |
|
4635
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
201 multiplex = { |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
202 pattern = "^[A-Z]"; |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
203 }; |
|
ea5215bd2783
mod_http: Provide HTTP service.
Waqas Hussain <waqas20@gmail.com>
parents:
diff
changeset
|
204 }); |
