Software /
code /
prosody
Changeset
10360:64ddcbc9a328
core.stanza_router: Do strict jidprep on c2s
Be conservative in what you let your clients send, be liberal in what
you let in via s2s.
Being strict on s2s leads to interop problems and poor experiences, ie
users being ejected from MUCs if something invalid enters. By starting
with tightening up input into the network, we may be able to gradually
approach a point where no invalid JIDs are allowed.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 09 Sep 2019 22:32:01 +0200 (2019-09-09) |
parents | 10359:4ef785f45aa2 |
children | 10361:6e051bfca12d |
files | core/stanza_router.lua |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/core/stanza_router.lua Wed Oct 30 16:22:44 2019 +0100 +++ b/core/stanza_router.lua Mon Sep 09 22:32:01 2019 +0200 @@ -83,7 +83,7 @@ if full_sessions[to] or bare_sessions[to] or hosts[to] then node, host = jid_split(to); -- TODO only the host is needed, optimize else - node, host, resource = jid_prepped_split(to); + node, host, resource = jid_prepped_split(to, origin.type == "c2s"); if not host then log("warn", "Received stanza with invalid destination JID: %s", to); if stanza.attr.type ~= "error" and stanza.attr.type ~= "result" then