aboutsummaryrefslogtreecommitdiff
path: root/xmpp-vala/src
diff options
context:
space:
mode:
authorWiktor Kwapisiewicz <wiktor@metacode.biz>2019-11-06 13:10:32 +0100
committerfiaxh <fiaxh@users.noreply.github.com>2019-11-19 21:24:28 +0100
commit687ec1a15969a88e00f84b6f45f751c99cc91d92 (patch)
treef48e2fca3be2723abb89e97000ece96e04a565b4 /xmpp-vala/src
parente6918b35b382c3365b220582a32c97ec25037cc8 (diff)
downloaddino-687ec1a15969a88e00f84b6f45f751c99cc91d92.tar.gz
dino-687ec1a15969a88e00f84b6f45f751c99cc91d92.zip
Add support for HTTP Upload headers
Some services use Authorization header [0] to pass upload credential data. This avoids the token being exposed in server logs and is allowed by XEP-0363 since version 0.5.0. This change adds support for headers allowed in XEP-0363: Authorization, Expires and Cookie. [0]: https://xmpp.org/extensions/xep-0363.html#request
Diffstat (limited to 'xmpp-vala/src')
-rw-r--r--xmpp-vala/src/module/xep/0363_http_file_upload.vala11
1 files changed, 11 insertions, 0 deletions
diff --git a/xmpp-vala/src/module/xep/0363_http_file_upload.vala b/xmpp-vala/src/module/xep/0363_http_file_upload.vala
index 8829ad15..ae7169e1 100644
--- a/xmpp-vala/src/module/xep/0363_http_file_upload.vala
+++ b/xmpp-vala/src/module/xep/0363_http_file_upload.vala
@@ -1,5 +1,6 @@
using Xmpp;
using Xmpp.Xep;
+using Gee;
namespace Xmpp.Xep.HttpFileUpload {
@@ -21,6 +22,7 @@ public class Module : XmppStreamModule {
public struct SlotResult {
public string url_get { get; set; }
public string url_put { get; set; }
+ public HashMap<string, string> headers { get; set; }
}
public async SlotResult request_slot(XmppStream stream, string filename, int64 file_size, string? content_type) throws HttpFileTransferError {
Flag? flag = stream.get_flag(Flag.IDENTITY);
@@ -71,6 +73,15 @@ public class Module : XmppStreamModule {
return;
}
+ slot_result.headers = new HashMap<string, string>();
+
+ foreach (StanzaNode node in iq.stanza.get_deep_subnodes(flag.ns_ver + ":slot", flag.ns_ver + ":put", flag.ns_ver + ":header")) {
+ string header_name = node.get_attribute("name");
+ if (header_name == "Authorization" || header_name == "Cookie" || header_name == "Expires") {
+ slot_result.headers[header_name] = node.get_string_content();
+ }
+ }
+
slot_result.url_get = url_get;
slot_result.url_put = url_put;