Mercurial Mercurial > prosody > prosody / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
COPYING
author Jonas Schäfer <jonas@wielicki.name>
Mon, 10 Jan 2022 18:23:54 +0100
branch0.11
changeset 12185 783056b4e448
parent 4304 73bf8aab8b77
child 12357 5ace23519e71
permissions -rw-r--r--
util.xml: Do not allow doctypes, comments or processing instructions Yes. This is as bad as it sounds. CVE pending. In Prosody itself, this only affects mod_websocket, which uses util.xml to parse the <open/> frame, thus allowing unauthenticated remote DoS using Billion Laughs. However, third-party modules using util.xml may also be affected by this. This commit installs handlers which disallow the use of doctype declarations and processing instructions without any escape hatch. It, by default, also introduces such a handler for comments, however, there is a way to enable comments nontheless. This is because util.xml is used to parse human-facing data, where comments are generally a desirable feature, and also because comments are generally harmless.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
4303
9f10476e1af4 COPYING: Update copyright year; it's 2011 already.
Waqas Hussain <waqas20@gmail.com>
parents: 767
diff changeset 
     1
 
Copyright (c) 2008-2011 Matthew Wild
9f10476e1af4 COPYING: Update copyright year; it's 2011 already.
Waqas Hussain <waqas20@gmail.com>
parents: 767
diff changeset 
     2
 
Copyright (c) 2008-2011 Waqas Hussain
478
3abf90751a8f Add COPYING, remove LICENSE
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     3
 







767






13ae298c67d7
Update COPYING file... probably the worst thing I could forget to commit in this release :)



Matthew Wild <mwild1@gmail.com>


parents: 
521

diff
changeset




     4


Permission is hereby granted, free of charge, to any person obtaining a copy












13ae298c67d7
Update COPYING file... probably the worst thing I could forget to commit in this release :)



Matthew Wild <mwild1@gmail.com>


parents: 
521

diff
changeset




     5


of this software and associated documentation files (the "Software"), to deal












13ae298c67d7
Update COPYING file... probably the worst thing I could forget to commit in this release :)



Matthew Wild <mwild1@gmail.com>


parents: 
521

diff
changeset




     6


in the Software without restriction, including without limitation the rights












13ae298c67d7
Update COPYING file... probably the worst thing I could forget to commit in this release :)



Matthew Wild <mwild1@gmail.com>


parents: 
521

diff
changeset




     7


to use, copy, modify, merge, publish, distribute, sublicense, and/or sell












13ae298c67d7
Update COPYING file... probably the worst thing I could forget to commit in this release :)



Matthew Wild <mwild1@gmail.com>


parents: 
521

diff
changeset




     8


copies of the Software, and to permit persons to whom the Software is












13ae298c67d7
Update COPYING file... probably the worst thing I could forget to commit in this release :)



Matthew Wild <mwild1@gmail.com>


parents: 
521

diff
changeset




     9


furnished to do so, subject to the following conditions:







478






3abf90751a8f
Add COPYING, remove LICENSE



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    10









767






13ae298c67d7
Update COPYING file... probably the worst thing I could forget to commit in this release :)



Matthew Wild <mwild1@gmail.com>


parents: 
521

diff
changeset




    11


The above copyright notice and this permission notice shall be included in












13ae298c67d7
Update COPYING file... probably the worst thing I could forget to commit in this release :)



Matthew Wild <mwild1@gmail.com>


parents: 
521

diff
changeset




    12


all copies or substantial portions of the Software.







478






3abf90751a8f
Add COPYING, remove LICENSE



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    13









4304






73bf8aab8b77
COPYING: Reflow the all-caps text. It was wrapping really badly in the Windows installer.



Waqas Hussain <waqas20@gmail.com>


parents: 
4303

diff
changeset




    14


THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,












73bf8aab8b77
COPYING: Reflow the all-caps text. It was wrapping really badly in the Windows installer.



Waqas Hussain <waqas20@gmail.com>


parents: 
4303

diff
changeset




    15


EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF












73bf8aab8b77
COPYING: Reflow the all-caps text. It was wrapping really badly in the Windows installer.



Waqas Hussain <waqas20@gmail.com>


parents: 
4303

diff
changeset




    16


MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.












73bf8aab8b77
COPYING: Reflow the all-caps text. It was wrapping really badly in the Windows installer.



Waqas Hussain <waqas20@gmail.com>


parents: 
4303

diff
changeset




    17


IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY












73bf8aab8b77
COPYING: Reflow the all-caps text. It was wrapping really badly in the Windows installer.



Waqas Hussain <waqas20@gmail.com>


parents: 
4303

diff
changeset




    18


CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,












73bf8aab8b77
COPYING: Reflow the all-caps text. It was wrapping really badly in the Windows installer.



Waqas Hussain <waqas20@gmail.com>


parents: 
4303

diff
changeset




    19


TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE












73bf8aab8b77
COPYING: Reflow the all-caps text. It was wrapping really badly in the Windows installer.



Waqas Hussain <waqas20@gmail.com>


parents: 
4303

diff
changeset




    20


SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.














prosody