[prosody-dev] Community modules patch: whitelist for mod_http_upload

Tue, 16 Feb 2021 01:15:59 -0800 

Hello all,
This is my first patch submit. I hope I am using the right channel, since this concerns prosody-modules and not core prosody. 


This patches introduces a whitelist parameter for mod_http_upload, 
something that can be useful for components, e.g., 
https://git.theta.eu.org/eta/whatsxmpp


If this is fine, I'll submit something similar for mod_http_upload_external.

XMPPingly yours,

-- Nicoco

--
You received this message because you are subscribed to the Google Groups 
"prosody-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to prosody-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/prosody-dev/b750996e-b28b-4c49-d0fd-17c48091e787%40gmail.com.

# HG changeset patch
# User Nicolas Cedilnik <nic...@nicoco.fr>
# Date 1613460979 -3600
#      Tue Feb 16 08:36:19 2021 +0100
# Node ID 9b3987665a05a90b37a7cf60d90892aa46e44fb1
# Parent  95262bd1bcb2685c381b1f97304401d2668a88eb
Add whitelist to mod_http_upload

diff -r 95262bd1bcb2 -r 9b3987665a05 mod_http_upload/README.markdown
--- a/mod_http_upload/README.markdown	Mon Feb 15 21:04:19 2021 +0100
+++ b/mod_http_upload/README.markdown	Tue Feb 16 08:36:19 2021 +0100
@@ -37,6 +37,15 @@
 }
 ```
 
+## Whitelist
+
+You may want to give upload access to some entities such as components by
+using:
+
+``` {.lua}
+http_upload_whitelist = {"gateway.example.com"};
+```
+
 Limits
 ------
 
diff -r 95262bd1bcb2 -r 9b3987665a05 mod_http_upload/mod_http_upload.lua
--- a/mod_http_upload/mod_http_upload.lua	Mon Feb 15 21:04:19 2021 +0100
+++ b/mod_http_upload/mod_http_upload.lua	Tue Feb 16 08:36:19 2021 +0100
@@ -32,6 +32,7 @@
 local file_size_limit = module:get_option_number(module.name .. "_file_size_limit", 1024 * 1024); -- 1 MB
 local quota = module:get_option_number(module.name .. "_quota");
 local max_age = module:get_option_number(module.name .. "_expire_after");
+local whitelist = module:get_option_set(module.name .. "_whitelist", {});
 
 --- sanity
 local parser_body_limit = module:context("*"):get_option_number("http_max_content_size", 10*1024*1024);
@@ -169,8 +170,8 @@
 
 local function handle_request(origin, stanza, xmlns, filename, filesize)
 	local username, host = origin.username, origin.host;
-	-- local clients only
-	if origin.type ~= "c2s" then
+	-- local clients or whitelisted 'stanza.attr.from's only
+	if origin.type ~= "c2s" and not whitelist:contains(stanza.attr.from) then
 		module:log("debug", "Request for upload slot from a %s", origin.type);
 		return nil, st.error_reply(stanza, "cancel", "not-authorized");
 	end














    











					Reply via email to