Software / code / prosody
Changeset
10378:04c4750ff8d2
core.sessionmanager: Require that client-requested resources pass strict resourceprep
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 02 Nov 2019 15:39:01 +0100 |
| parents | 10377:4c36bc28b99e |
| children | 10379:b917602eac04 |
| files | core/sessionmanager.lua |
| diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/core/sessionmanager.lua Sat Nov 02 15:29:13 2019 +0100 +++ b/core/sessionmanager.lua Sat Nov 02 15:39:01 2019 +0100 @@ -150,7 +150,7 @@ resource = event_payload.resource; end - resource = resourceprep(resource or ""); + resource = resourceprep(resource or "", true); resource = resource ~= "" and resource or generate_identifier(); --FIXME: Randomly-generated resources must be unique per-user, and never conflict with existing
