prosody
a76493b75dec
plugins/mod_bosh.lua
Software / code / prosody
Comparison
plugins/mod_bosh.lua @ 11392:a76493b75dec
mod_bosh: Include warning if endpoint accessed insecurely (#1172)
This is to make it obvious if a misconfigured a proxy or the request
really is insecure.
Perhaps it should also check c2s_require_encryption?
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 21 Feb 2021 06:18:22 +0100 |
| parent | 11391:8eff5c744395 |
| child | 11560:3bbb1af92514 |
comparison
equal
deleted
inserted
replaced
| 11391:8eff5c744395 | 11392:a76493b75dec |
|---|---|
| 534 return module:fire_event("http-message", { | 534 return module:fire_event("http-message", { |
| 535 response = event.response; | 535 response = event.response; |
| 536 --- | 536 --- |
| 537 title = "Prosody BOSH endpoint"; | 537 title = "Prosody BOSH endpoint"; |
| 538 message = "It works! Now point your BOSH client to this URL to connect to Prosody."; | 538 message = "It works! Now point your BOSH client to this URL to connect to Prosody."; |
| 539 warning = not (consider_bosh_secure or event.request.secure) and "This endpoint is not considered secure!" or nil; | |
| 539 -- <p>For more information see <a href="https://prosody.im/doc/setting_up_bosh">Prosody: Setting up BOSH</a>.</p> | 540 -- <p>For more information see <a href="https://prosody.im/doc/setting_up_bosh">Prosody: Setting up BOSH</a>.</p> |
| 540 }) or "This is the Prosody BOSH endpoint."; | 541 }) or "This is the Prosody BOSH endpoint."; |
| 541 end | 542 end |
| 542 | 543 |
| 543 module:depends("http"); | 544 module:depends("http"); |
