Compliance Test XEP-0363

0
5344
PublicDomainPictures / Pixabay

Am Sonntag bekam ich die Meldung, dass mein XMPP-Server den informativen Test XEP-0363: HTTP File Upload (CORS Headers) nicht bestanden hat, obwohl der Upload aktiviert war. Abhilfe schaffte hier ein Upgrade der Community-Module von Prosody.

cd /usr/lib/prosody/prosody-modules
hg pull --update
prosodyctl restart

Meine aktuelle Konfiguration sieht im Moment so aus:

pidfile = "/var/run/prosody/prosody.pid"

storage = "sql"

sql = {
    driver = "MySQL";
    database = "prosody";
    host = "localhost";
    username = "benutzername";
    password = "passwort";
}

plugin_paths = { "/usr/lib/prosody/prosody-modules" }

admins = {"intux@intux.de" }
modules_enabled = {
	"roster";
	"saslauth";
 	"tls";
	"dialback";
	"disco";
	"private";
	"blocklist";
	"version";
	"uptime";
	"time";
	"ping";
	"posix";
	"pep";
	"register";
	"admin_adhoc";
	"motd";
	"welcome";
	"proxy65";
	"watchregistrations";
	"register_web";
	"admin_web";
	"http_upload";
	"mam";
	"csi";
	"carbons";
	"smacks";
	"lastlog";
	"cloud_notify";
	"omemo_all_access";
	"server_contact_info";
	"profile";
	"vcard_legacy";
	"pep_vcard_avatar";
	"websocket";
}

log = {
 debug = "/var/log/prosody/prosody.log";
 error = "/var/log/prosody/prosody.err";
}

legacy_ssl_ports = { 5223 }

default_archive_policy = false;
archive_expires_after = "1m";

c2s_require_encryption = true  
s2s_require_encryption = true
s2s_secure_auth = true
s2s_secure_domains = { "blabber.im", "trashserver.net", "jabber.de", "c0by.de", "jabber.org", "xmpp.org", "xmpp.maltris.org", "oprtr.org" }
s2s_insecure_domains = {}

proxy65_ports = { 5212 }

authentication = "internal_hashed"

consider_websocket_secure = true;
cross_domain_bosh = true;
consider_bosh_secure = true;

allow_registration = true
register_web_template = "/etc/prosody/register-templates/Prosody-Web-Registration-Theme";
min_seconds_between_registrations = 300
registration_blacklist = { "83.218.198.86", "109.185.243.100", "93.114.0.93", "93.114.11.136", "92.114.216.80" }

ssl = {
	protocol = "tlsv1_2";
        key = "/etc/prosody/certs/privkey.pem";
        certificate = "/etc/prosody/certs/fullchain.pem";
       
        dhparam = "/etc/prosody/certs/dh-4096.pem";
 
        ciphers = "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128";
 
        options = { "no_sslv2", "no_sslv3", "no_ticket", "no_compression", "cipher_server_preference", "single_dh_use", "single_ecdh_use" }

}

contact_info = {
  abuse = { "mailto:abuse@intux.de", "xmpp:intux@intux.de" };
  admin = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };
  feedback = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };
  sales = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };
  security = { "mailto:admin@intux.de", "xmpp:intux@intux.de" };
  support = { "xmpp:intux@intux.de", "xmpp:intux@intux.de" };
}

VirtualHost "intux.de"

Component "proxy.intux.de" "proxy65"

	proxy65_acl = { "intux.de" }

Component "conference.intux.de" "muc"
        name = "intux.de Chatrooms"
        restrict_room_creation = false
        max_history_messages = 500
        modules_enabled = {
                "mam_muc",
		"vcard_muc",
        }
        muc_log_by_default = false

Component "upload.intux.de" "http_upload"

Kommentieren Sie den Artikel

Bitte bestätige diesen Kommentar!
Bitte den Namen hier eingeben

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.