Changeset

10360:64ddcbc9a328

core.stanza_router: Do strict jidprep on c2s Be conservative in what you let your clients send, be liberal in what you let in via s2s. Being strict on s2s leads to interop problems and poor experiences, ie users being ejected from MUCs if something invalid enters. By starting with tightening up input into the network, we may be able to gradually approach a point where no invalid JIDs are allowed.
author Kim Alvefur <zash@zash.se>
date Mon, 09 Sep 2019 22:32:01 +0200 (2019-09-09)
parents 10359:4ef785f45aa2
children 10361:6e051bfca12d
files core/stanza_router.lua
diffstat 1 files changed, 1 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/core/stanza_router.lua	Wed Oct 30 16:22:44 2019 +0100
+++ b/core/stanza_router.lua	Mon Sep 09 22:32:01 2019 +0200
@@ -83,7 +83,7 @@
 		if full_sessions[to] or bare_sessions[to] or hosts[to] then
 			node, host = jid_split(to); -- TODO only the host is needed, optimize
 		else
-			node, host, resource = jid_prepped_split(to);
+			node, host, resource = jid_prepped_split(to, origin.type == "c2s");
 			if not host then
 				log("warn", "Received stanza with invalid destination JID: %s", to);
 				if stanza.attr.type ~= "error" and stanza.attr.type ~= "result" then