prosody
f45a29b32f7a
CHANGES
Software / code / prosody
Comparison
CHANGES @ 13127:f45a29b32f7a
mod_http: Make RFC 7239 Forwarded opt-in for now to be safe
Supporting both methods at the same time may open to spoofing attacks,
whereby a client sends a Forwarded header that is not stripped by a
reverse proxy, leading Prosody to use that instead of the X-Forwarded-*
headers actually sent by the proxy.
By only supporting one at a time, it can be configured to match what the
proxy uses.
Disabled by default since implementations are sparse and X-Forwarded-*
are everywhere.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 03 Jun 2023 21:53:20 +0200 |
| parent | 13126:d043834f15d2 |
| child | 13188:96df571b5941 |
comparison
equal
deleted
inserted
replaced
| 13126:d043834f15d2 | 13127:f45a29b32f7a |
|---|---|
| 40 | 40 |
| 41 - Support sub-second precision timestamps | 41 - Support sub-second precision timestamps |
| 42 - mod_blocklist: New option 'migrate_legacy_blocking' to disable migration from mod_privacy | 42 - mod_blocklist: New option 'migrate_legacy_blocking' to disable migration from mod_privacy |
| 43 - Ability to use SQLite3 storage using LuaSQLite3 instead of LuaDBI | 43 - Ability to use SQLite3 storage using LuaSQLite3 instead of LuaDBI |
| 44 - Moved all modules into the Lua namespace `prosody.` | 44 - Moved all modules into the Lua namespace `prosody.` |
| 45 - Forwarded header from RFC 7239 supported | 45 - Forwarded header from RFC 7239 supported, disabled by default |
| 46 | 46 |
| 47 ## Removed | 47 ## Removed |
| 48 | 48 |
| 49 - Lua 5.1 support | 49 - Lua 5.1 support |
| 50 - XEP-0090 support removed from mod_time | 50 - XEP-0090 support removed from mod_time |
