prosody
4b5c24f13d4a
plugins/mod_bosh.lua
Software / code / prosody
Comparison
plugins/mod_bosh.lua @ 9794:4b5c24f13d4a
mod_bosh: Drop CORS code in favor of than in mod_http
This deprecates the cross_domain_bosh setting. As a compat measure, if
it is set, mod_http_crossdomain is loaded.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 04 Oct 2018 12:23:06 +0200 |
| parent | 9777:2e07d2f71599 |
| child | 9799:7259a61bacc8 |
comparison
equal
deleted
inserted
replaced
| 9793:9993fd021d19 | 9794:4b5c24f13d4a |
|---|---|
| 42 -- The maximum amount of time that the server will hold onto a request before replying | 42 -- The maximum amount of time that the server will hold onto a request before replying |
| 43 -- (the client can set this to a lower value when it connects, if it chooses) | 43 -- (the client can set this to a lower value when it connects, if it chooses) |
| 44 local bosh_max_wait = module:get_option_number("bosh_max_wait", 120); | 44 local bosh_max_wait = module:get_option_number("bosh_max_wait", 120); |
| 45 | 45 |
| 46 local consider_bosh_secure = module:get_option_boolean("consider_bosh_secure"); | 46 local consider_bosh_secure = module:get_option_boolean("consider_bosh_secure"); |
| 47 local cross_domain = module:get_option("cross_domain_bosh", false); | 47 local cross_domain = module:get_option("cross_domain_bosh"); |
| 48 | 48 |
| 49 if cross_domain == true then cross_domain = "*"; end | 49 if cross_domain ~= nil then |
| 50 if type(cross_domain) == "table" then cross_domain = table.concat(cross_domain, ", "); end | 50 module:log("info", "The 'cross_domain_bosh' option has been deprecated"); |
| 51 module:depends("http_crossdomain"); | |
| 52 end | |
| 51 | 53 |
| 52 local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat; | 54 local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat; |
| 53 | 55 |
| 54 -- All sessions, and sessions that have no requests open | 56 -- All sessions, and sessions that have no requests open |
| 55 local sessions = module:shared("sessions"); | 57 local sessions = module:shared("sessions"); |
| 89 sessions[context.sid] = nil; | 91 sessions[context.sid] = nil; |
| 90 sm_destroy_session(session, reason); | 92 sm_destroy_session(session, reason); |
| 91 end | 93 end |
| 92 end | 94 end |
| 93 | 95 |
| 94 local function set_cross_domain_headers(response) | |
| 95 local headers = response.headers; | |
| 96 headers.access_control_allow_methods = "GET, POST, OPTIONS"; | |
| 97 headers.access_control_allow_headers = "Content-Type"; | |
| 98 headers.access_control_max_age = "7200"; | |
| 99 headers.access_control_allow_origin = cross_domain; | |
| 100 return response; | |
| 101 end | |
| 102 | |
| 103 function handle_OPTIONS(event) | |
| 104 if cross_domain and event.request.headers.origin then | |
| 105 set_cross_domain_headers(event.response); | |
| 106 end | |
| 107 return ""; | |
| 108 end | |
| 109 | |
| 110 function handle_POST(event) | 96 function handle_POST(event) |
| 111 log("debug", "Handling new request %s: %s\n----------", tostring(event.request), tostring(event.request.body)); | 97 log("debug", "Handling new request %s: %s\n----------", tostring(event.request), tostring(event.request.body)); |
| 112 | 98 |
| 113 local request, response = event.request, event.response; | 99 local request, response = event.request, event.response; |
| 114 response.on_destroy = on_destroy_request; | 100 response.on_destroy = on_destroy_request; |
| 118 local stream = new_xmpp_stream(context, stream_callbacks); | 104 local stream = new_xmpp_stream(context, stream_callbacks); |
| 119 response.context = context; | 105 response.context = context; |
| 120 | 106 |
| 121 local headers = response.headers; | 107 local headers = response.headers; |
| 122 headers.content_type = "text/xml; charset=utf-8"; | 108 headers.content_type = "text/xml; charset=utf-8"; |
| 123 | |
| 124 if cross_domain and request.headers.origin then | |
| 125 set_cross_domain_headers(response); | |
| 126 end | |
| 127 | 109 |
| 128 -- stream:feed() calls the stream_callbacks, so all stanzas in | 110 -- stream:feed() calls the stream_callbacks, so all stanzas in |
| 129 -- the body are processed in this next line before it returns. | 111 -- the body are processed in this next line before it returns. |
| 130 -- In particular, the streamopened() stream callback is where | 112 -- In particular, the streamopened() stream callback is where |
| 131 -- much of the session logic happens, because it's where we first | 113 -- much of the session logic happens, because it's where we first |
| 509 module:provides("http", { | 491 module:provides("http", { |
| 510 default_path = "/http-bind"; | 492 default_path = "/http-bind"; |
| 511 route = { | 493 route = { |
| 512 ["GET"] = GET_response; | 494 ["GET"] = GET_response; |
| 513 ["GET /"] = GET_response; | 495 ["GET /"] = GET_response; |
| 514 ["OPTIONS"] = handle_OPTIONS; | |
| 515 ["OPTIONS /"] = handle_OPTIONS; | |
| 516 ["POST"] = handle_POST; | 496 ["POST"] = handle_POST; |
| 517 ["POST /"] = handle_POST; | 497 ["POST /"] = handle_POST; |
| 518 }; | 498 }; |
| 519 }); | 499 }); |
