mod_http_oauth2: Strip unknown client metadata
Per RFC 7591
> The authorization server MUST ignore any client metadata sent by the
> client that it does not understand (for instance, by silently removing
> unknown metadata from the client's registration record during
> processing).
This was previously done but unintentionally removed in 90449babaa48
---
labels:
- Stage-Alpha
summary: "XEP-0397: Instant Stream Resumption"
---
Experimental and incomplete implementation of [XEP-0397: Instant Stream Resumption].