From 3ef05418867de0ffc715a15ecb488c1ffe5c5f1b Mon Sep 17 00:00:00 2001 From: John Livingston Date: Mon, 1 Jul 2024 15:01:30 +0200 Subject: [PATCH] Poll WIP (#231): * backend security: avoid spoofing polls --- prosody-modules/mod_muc_poll/message.lib.lua | 17 +++++++++++++++++ prosody-modules/mod_muc_poll/mod_muc_poll.lua | 5 +++++ 2 files changed, 22 insertions(+) diff --git a/prosody-modules/mod_muc_poll/message.lib.lua b/prosody-modules/mod_muc_poll/message.lib.lua index 30135a00..fa1a8d45 100644 --- a/prosody-modules/mod_muc_poll/message.lib.lua +++ b/prosody-modules/mod_muc_poll/message.lib.lua @@ -159,8 +159,25 @@ local function poll_end_message(room) return message_id; end +-- security check: we must remove all specific tags, to be sure nobody tries to spoof polls! +local function remove_specific_tags_from_groupchat(event) + event.stanza:maptags(function (child) + if child.name == poll_message_tag then + return nil; + end + if child.name == poll_question_tag then + return nil; + end + if child.name == poll_choice_tag then + return nil; + end + return child; + end); +end + return { poll_start_message = poll_start_message; poll_end_message = poll_end_message; schedule_poll_update_message = schedule_poll_update_message; + remove_specific_tags_from_groupchat = remove_specific_tags_from_groupchat; }; diff --git a/prosody-modules/mod_muc_poll/mod_muc_poll.lua b/prosody-modules/mod_muc_poll/mod_muc_poll.lua index b8afaf61..90bbb320 100644 --- a/prosody-modules/mod_muc_poll/mod_muc_poll.lua +++ b/prosody-modules/mod_muc_poll/mod_muc_poll.lua @@ -19,6 +19,7 @@ local xmlns_poll = module:require("constants").xmlns_poll; local send_form = module:require("form").send_form; local process_form = module:require("form").process_form; local handle_groupchat = module:require("poll").handle_groupchat; +local remove_specific_tags_from_groupchat = module:require("message").remove_specific_tags_from_groupchat local room_restored = module:require("poll").room_restored; -- new poll creation, get form @@ -81,6 +82,10 @@ end); -- Note: we use a high priority, so it will be handled before the slow mode. module:hook("muc-occupant-groupchat", handle_groupchat, 1000); +-- security check: we must remove all specific tags, to be sure nobody tries to spoof polls! +module:hook("muc-occupant-groupchat", remove_specific_tags_from_groupchat, 1000); + + -- when a room is restored (after a server restart for example), -- we must resume any current poll module:hook("muc-room-restored", room_restored);