Download as
Browse Code »

Commit 06d664a66225db4a633080d7b0c1f694d65f5623

Authored by Joenio Costa
1 parent abdf6fab
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

Documenting setup to enable HTTPS support 

- New file INSTALL.https.md with instructions to setup Noosfero over HTTPS
- Cosmetic changes in INSTALL.varnish.md file
- Ejabberd configurations moved out of INSTALL.chat.md file
- Fixing a small bug with the Noosfero chat client
Showing 8 changed files with 344 additions and 156 deletions   Show diff stats
INSTALL.chat.md
  Diff comments   View file @06d664a
1 -XMPP/Chat Client Setup  
2 -====================== 1 +XMPP/Chat Setup
  2 +===============
3 3
4 -To configure XMPP/BOSH in Noosfero you need: 4 +The samples of config file to configure a XMPP/BOSH server with ejabberd,
  5 +postgresql and apache2 can be found at util/chat directory.
5 6
6 -* REST Client - http://github.com/archiloque/rest-client  
7 -* SystemTimer - http://ph7spot.com/musings/system-timer  
8 -* Pidgin data files - http://www.pidgin.im/ 7 +This setup supposes that you are using Noosfero installed via Debian package
  8 +in a production environment.
9 9
10 -If you use Debian 6.0 (squeeze):  
11 -  
12 - # apt-get install librestclient-ruby pidgin-data ruby1.8-dev  
13 - # gem install SystemTimer  
14 -  
15 -The samples of config file to configure a XMPP/BOSH server with ejabberd, postgresql and apache2 can be found at util/chat directory.  
16 -  
17 -XMPP/Chat Server Setup  
18 -====================== 10 +Steps
  11 +=====
19 12
20 This is a step-by-step guide to get a XMPP service working, in a Debian system. 13 This is a step-by-step guide to get a XMPP service working, in a Debian system.
21 14
22 ## 1. Install the required packages 15 ## 1. Install the required packages
23 16
24 - # apt-get install ejabberd odbc-postgresql 17 + # apt-get install ejabberd odbc-postgresql librestclient-ruby pidgin-data ruby1.8-dev
  18 + # gem install SystemTimer
25 19
26 ## 2. Ejabberd configuration 20 ## 2. Ejabberd configuration
27 21
28 -All the following changes must be done in config file: `/etc/ejabberd/ejabberd.cfg`  
29 -  
30 -### 2.1. Set the default admin user  
31 -  
32 - { acl, admin, { user, "john", "www.example.com" } }.  
33 - { acl, admin, { user, "bart", "www.example.com" } }.  
34 -  
35 -### 2.2. Set the default host  
36 -  
37 - { hosts, [ "www.example.com" ] }.  
38 -  
39 -### 2.3. Http-Bind activation  
40 -  
41 - { 5280, ejabberd_http, [  
42 - http_bind,  
43 - web_admin  
44 - ]  
45 - }  
46 -  
47 - (...)  
48 -  
49 - { modules, [  
50 - {mod_http_bind, []},  
51 - ...  
52 - ] }.  
53 -  
54 -Ejabberd creates semi-anonymous rooms by default, but Noosfero's Jabber client needs non-anonymous room, then we need to change default params of creation rooms in ejabberd to create non-anonymous rooms.  
55 -  
56 -In non-anonymous rooms the jabber service sends the new occupant's full JID to all occupants in the room [[1]]. 22 + # cp /usr/share/noosfero/util/chat/ejabberd.cfg /etc/ejabberd/
57 23
58 -Add option "`{default_room_options, [{anonymous, false}]}`" to `/etc/ejabberd/ejabberd.cfg` in mod_muc session. See below: 24 +Edit the /etc/ejabberd/ejabberd.cfg file and set your domain on the first 2 lines.
59 25
60 - { mod_muc, [  
61 - %%{host, "conference.@HOST@"},  
62 - {access, muc},  
63 - {access_create, muc},  
64 - {access_persistent, muc},  
65 - {access_admin, muc_admin},  
66 - {max_users, 500},  
67 - {default_room_options, [{anonymous, false}]}  
68 - ]},  
69 -  
70 -[1]: http://xmpp.org/extensions/xep-0045.html#enter-nonanon  
71 -  
72 -  
73 -### 2.4. Authentication method  
74 -  
75 -To use Postgresql through ODBC, the following modifications must be done:  
76 -  
77 - * Disable the default method:  
78 - `{auth_method, internal}.`  
79 -  
80 - * Enable autheticantion through ODBC:  
81 - `{auth_method, odbc}.` 26 +## 3. Configuring Postgresql
82 27
83 - * Set database server name  
84 - `{odbc_server, "DSN=PostgreSQLEjabberdNoosfero"}.` 28 +Give permission to noosfero user create new roles, login as
  29 +postgres user and execute:
85 30
  31 + $ psql
  32 + postgres=# GRANT CREATE ON DATABASE noosfero TO noosfero;
86 33
87 -### 2.5. Increase the shaper traffic limit 34 +Change the postgresql authentication method to md5 instead of ident,
  35 +add the following line to the file /etc/postgresql/8.4/main/pg_hba.conf:
88 36
89 - { shaper, normal, { maxrate, 10000000 } }. 37 + # Noosfero user
  38 + local noosfero noosfero md5
90 39
  40 +(add this line before the following line)
91 41
92 -### 2.6. Disable unused modules 42 + # "local" is for Unix domain socket connections only
  43 + local all all ident
93 44
94 -Unused modules can be disabled, for example: 45 +Restart postgresql server:
95 46
96 - * s2s  
97 - * web_admin  
98 - * mod_pubsub  
99 - * mod_irc  
100 - * mod_offline  
101 - * mod_admin_extra  
102 - * mod_register 47 + # service postgresql restart
103 48
  49 +Login as noosfero user, and execute:
104 50
105 -### 2.7. Enable ODBC modules 51 + $ psql -U noosfero -W noosfero < /usr/share/noosfero/util/chat/postgresql/ejabberd.sql
106 52
107 - * mod_privacy -> mod_privacy_odbc  
108 - * mod_private -> mod_private_odbc  
109 - * mod_roster -> mod_roster_odbc 53 +(see database password in the /etc/noosfero/database.yml file)
110 54
111 -## 3. Configuring Postgresql 55 +This will create a new schema inside the noosfero database, called `ejabberd`.
112 56
113 -Login as noosfero user, and execute: 57 +Note that there should be at least one domain with `is_default = true` in
  58 +`domains` table, otherwise people won't be able to see their friends online.
114 59
115 - $ psql noosfero < /path/to/noosfero/util/chat/postgresql/ejabberd.sql 60 +## 4. ODBC configuration
116 61
117 -Where `noosfero` may need to be replace by the name of the database used for Noosfero. 62 +Create the following files:
118 63
119 -This will create a new schema inside the noosfero database, called `ejabberd`. 64 + # cp /usr/share/noosfero/util/chat/odbc.ini /etc/
  65 + # cp /usr/share/noosfero/util/chat/odbcinst.ini /etc/
120 66
121 -Note `noosfero` user should have permission to create Postgresql schemas. Also, there should be at least one domain with `is_default = true` in `domains` table, otherwise people won't be able to see their friends online. 67 +Edit the odbc.ini file and set the password for the database user, see
  68 +the file /etc/noosfero/database.yml to get the password.
122 69
123 -## 4. ODBC configuration 70 +Adjust premissions:
124 71
125 -The following files must be created:  
126 -  
127 -`/etc/odbc.ini`:  
128 -  
129 - [PostgreSQLEjabberdNoosfero]  
130 - Description = PostgreSQL Noosfero ejabberd database  
131 - Driver = PostgreSQL Unicode  
132 - Trace = No  
133 - TraceFile = /tmp/psqlodbc.log  
134 - Database = noosfero  
135 - Servername = localhost  
136 - UserName = <DBUSER>  
137 - Password = <DBPASS>  
138 - Port =  
139 - ReadOnly = No  
140 - RowVersioning = No  
141 - ShowSystemTables = No  
142 - ShowOidColumn = No  
143 - FakeOidIndex = No  
144 - ConnSettings = SET search_path TO ejabberd  
145 -  
146 -`/etc/odbcinst.ini`:  
147 -  
148 - [PostgreSQL Unicode]  
149 - Description = PostgreSQL ODBC driver (Unicode version)  
150 - Driver = /usr/lib/odbc/psqlodbcw.so  
151 - Setup = /usr/lib/odbc/libodbcpsqlS.so  
152 - Debug = 0  
153 - CommLog = 1  
154 - UsageCount = 3 72 + # chmod 640 /etc/odbc.ini
  73 + # chown ejabberd /etc/odbc.ini
155 74
156 ## 4.1 testing all: 75 ## 4.1 testing all:
157 76
@@ -159,7 +78,6 @@ The following files must be created: @@ -159,7 +78,6 @@ The following files must be created:
159 78
160 If the configuration was done right, the message "Connected!" will be displayed. 79 If the configuration was done right, the message "Connected!" will be displayed.
161 80
162 -  
163 ## 5. Enabling kernel polling and SMP in `/etc/default/ejabberd` 81 ## 5. Enabling kernel polling and SMP in `/etc/default/ejabberd`
164 82
165 POLL=true 83 POLL=true
@@ -205,32 +123,45 @@ Note: module proxy_http must be enabled: @@ -205,32 +123,45 @@ Note: module proxy_http must be enabled:
205 123
206 # a2enmod proxy_http 124 # a2enmod proxy_http
207 125
208 -## 8. DNS configuration 126 +Restart services:
209 127
210 -For this point, we assume you are using BIND as your DNS server. You need to add the following entries to the DNS zone file corresponding to the domain of your noosfero site: 128 + # service ejabberd restart
  129 + # service noosfero restart
  130 + # service apache2 restart
211 131
212 - _xmpp-client._tcp SRV 5 100 5222 master  
213 - conference CNAME master  
214 - _xmpp-client._tcp.conference SRV 5 100 5222 master 132 +## 8. Test Apache Configuration
215 133
216 -If you are running a DNS server other than BIND, you will have to figure out how to create equivalente rules for your zone file. Patches to this documentation are welcome. 134 +Open in your browser the address:
217 135
218 -## 9. Testing this Setup 136 + http://<yout domain>/http-bind
219 137
220 -Adjust shell limits to proceed with some benchmarks and load tests: 138 +You should see a page with a message like that:
221 139
222 - # ulimit −s 256  
223 - # ulimit −n 8192  
224 - # echo 10 > /proc/sys/net/ipv4/tcp_syn_retries 140 + ejabberd mod_http_bind
  141 + An implementation of XMPP over BOSH (XEP-0206)
  142 + This web page is only informative. To use HTTP-Bind you need a Jabber/XMPP
  143 + client that supports it.
225 144
226 -To measure the bandwidth between server and client: 145 +## 9. Test chat session
227 146
228 - * at server side:  
229 - `# iperf −s` 147 +Open Noosfero console and execute:
230 148
231 - * at client side:  
232 - `# iperf −c server_ip` 149 +>> environment = Environment.default
  150 +>> user = Person['guest']
  151 +>> password = user.user.crypted_password
  152 +>> login = user.jid
  153 +>> RubyBOSH.initialize_session(login, password, "http://#{environment.default_hostname}/http-bind", :wait => 30, :hold => 1, :window => 5
233 154
234 -For heavy load tests, clone and use this software: 155 +If you have luck, should see something like that:
235 156
236 - $ git clone http://git.holoscopio.com/git/metal/tester.git 157 +Ruby-BOSH - SEND
  158 +<body window="5" rid="60265" xmlns="http://jabber.org/protocol/httpbind" xmlns:xmpp="urn:xmpp:xbosh" to="vagrant-debian-squeeze.vagrantup.com" wait="30" xmpp:version="1.0" hold="1"/>
  159 +Ruby-BOSH - SEND
  160 +<body rid="60266" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"><auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Z3Vlc3RAdmFncmFudC1kZWJpYW4tc3F1ZWV6ZS52YWdyYW50dXAuY29tAGd1ZXN0ADEzZTFhYWVlYjRhYjZlMTA0MmRkNWI1YWY0MzM4MjA1OGJiOWZmNzk=</auth></body>
  161 +Ruby-BOSH - SEND
  162 +<body xmpp:restart="true" rid="60267" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"/>
  163 +Ruby-BOSH - SEND
  164 +<body rid="60268" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"><iq type="set" xmlns="jabber:client" id="bind_29330"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><resource>bosh_9631</resource></bind></iq></body>
  165 +Ruby-BOSH - SEND
  166 +<body rid="60269" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"><iq type="set" xmlns="jabber:client" id="sess_21557"><session xmlns="urn:ietf:params:xml:ns:xmpp-session"/></iq></body>
  167 +=> ["guest@vagrant-debian-squeeze.vagrantup.com", "24cdfc43646a2af1059a7060b677c2e11b26f34f", 60270]
INSTALL.https.md 0 → 100644
  Diff comments   View file @06d664a
@@ -0,0 +1,115 @@ @@ -0,0 +1,115 @@
  1 +Setup Noosfero to use HTTPS
  2 +===========================
  3 +
  4 +This document assumes that you have a fully and clean Noosfero
  5 +installation as explained at the `INSTALL.md` file.
  6 +
  7 +SSL certificate
  8 ++++++++++++++++
  9 +
  10 +You should get a valid SSL certificate, but if you want to test
  11 +your setup before, you could generate a self-signed certificate
  12 +as below:
  13 +
  14 + # mkdir /etc/noosfero/ssl
  15 + # cd /etc/noosfero/ssl
  16 + # openssl genrsa 1024 > noosfero.key
  17 + # openssl req -new -x509 -nodes -sha1 -days $[10*365] -key noosfero.key > noosfero.cert
  18 + # cat noosfero.key noosfero.cert > noosfero.pem
  19 +
  20 +There are two ways of using SSL with Noosfero: 1) If you are not using
  21 +Varnish; and 2) If you are using Varnish.
  22 +
  23 +1) If you are are not using Varnish
  24 ++++++++++++++++++++++++++++++++++++
  25 +
  26 +Simply do a redirect in apache to force all connections with SSL:
  27 +
  28 + <VirtualHost *:8080>
  29 + ServerName test.stoa.usp.br
  30 +
  31 + Redirect / https://example.com/
  32 + </VirtualHost>
  33 +
  34 +And set a vhost to receive then:
  35 +
  36 + <VirtualHost *:443>
  37 + ServerName example.com
  38 +
  39 + SSLEngine On
  40 + SSLCertificateFile /etc/ssl/certs/cert.pem
  41 + SSLCertificateKeyFile /etc/ssl/private/cert.key
  42 +
  43 + Include /etc/noosfero/apache/virtualhost.conf
  44 + </VirtualHost>
  45 +
  46 +Be aware that if you had configured varnish, the requests won't reach
  47 +it with this configuration.
  48 +
  49 +2) If you are using Varnish
  50 ++++++++++++++++++++++++++++
  51 +
  52 +Varnish isn't able to communicate with the SSL protocol, so we will
  53 +need some one who do this and Pound[1] can do the job. In order to
  54 +install it in Debian based systems:
  55 +
  56 + $ sudo apt-get install pound
  57 +
  58 +Set Varnish to listen in other port than 80:
  59 +
  60 +/etc/defaults/varnish
  61 +---------------------
  62 +
  63 + DAEMON_OPTS="-a localhost:6081 \
  64 + -T localhost:6082 \
  65 + -f /etc/varnish/default.vcl \
  66 + -S /etc/varnish/secret \
  67 + -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
  68 +
  69 +Configure Pound:
  70 +
  71 + # cp /usr/share/noosfero/etc/pound.cfg /etc/pound/
  72 +
  73 +Edit /etc/pound.cfg and set the IP and domain of your server.
  74 +
  75 +Configure Pound to start at system initialization:
  76 +
  77 +/etc/default/pound
  78 +------------------
  79 +
  80 + startup=1
  81 +
  82 +Set Apache to only listen to localhost:
  83 +
  84 +/etc/apache2/ports.conf
  85 +-----------------------
  86 +
  87 + Listen 127.0.0.1:8080
  88 +
  89 +Restart the services:
  90 +
  91 + $ sudo service apache2 restart
  92 + $ sudo service varnish restart
  93 +
  94 +Start pound:
  95 +
  96 + $ sudo service pound start
  97 +
  98 +[1] http://www.apsis.ch/pound
  99 +
  100 +Noosfero XMPP chat
  101 +++++++++++++++++++
  102 +
  103 +If you want to use chat over HTTPS, then you should add the domain
  104 +and IP of your server in the /etc/hosts file, example:
  105 +
  106 +/etc/hosts
  107 +----------
  108 +
  109 + 192.168.1.86 mydomain.example.com
  110 +
  111 +Also, it's recomended that you remove lines above from the file
  112 +`/etc/apache2/sites-enabled/noosfero`:
  113 +
  114 + RewriteEngine On
  115 + Include /usr/share/noosfero/util/chat/apache/xmpp.conf
INSTALL.varnish.md
  Diff comments   View file @06d664a
@@ -24,10 +24,6 @@ Install the RPAF apache module (or skip this step if not using apache): @@ -24,10 +24,6 @@ Install the RPAF apache module (or skip this step if not using apache):
24 24
25 3b) Edit `/etc/apache2/sites-enabled/*`, and change `<VirtualHost *:80>` to `<VirtualHost *:8080>` 25 3b) Edit `/etc/apache2/sites-enabled/*`, and change `<VirtualHost *:80>` to `<VirtualHost *:8080>`
26 26
27 -3c) Restart apache  
28 -  
29 - # invoke-rc.d apache2 restart  
30 -  
31 4) Varnish configuration 27 4) Varnish configuration
32 28
33 4a) Edit `/etc/default/varnish` 29 4a) Edit `/etc/default/varnish`
@@ -44,10 +40,6 @@ On manual installations, change `/etc/noosfero/*` to `{Rails.root}/etc/noosfero/ @@ -44,10 +40,6 @@ On manual installations, change `/etc/noosfero/*` to `{Rails.root}/etc/noosfero/
44 40
45 **NOTE**: it is very important that the `*.vcl` files are included in that order, i.e. *first* include `varnish-noosfero.vcl`, and *after* `noosfero-accept-language.cvl`. 41 **NOTE**: it is very important that the `*.vcl` files are included in that order, i.e. *first* include `varnish-noosfero.vcl`, and *after* `noosfero-accept-language.cvl`.
46 42
47 -4c) Restart Varnish  
48 -  
49 - # invoke-rc.d varnish restart  
50 -  
51 5) Enable varnish logging: 43 5) Enable varnish logging:
52 44
53 5a) Edit `/etc/default/varnishncsa` and uncomment the line that contains: 45 5a) Edit `/etc/default/varnishncsa` and uncomment the line that contains:
@@ -56,8 +48,10 @@ On manual installations, change `/etc/noosfero/*` to `{Rails.root}/etc/noosfero/ @@ -56,8 +48,10 @@ On manual installations, change `/etc/noosfero/*` to `{Rails.root}/etc/noosfero/
56 48
57 The varnish log will be written to `/var/log/varnish/varnishncsa.log` in an apache-compatible format. You should change your statistics generation software (e.g. awstats) to use that instead of apache logs. 49 The varnish log will be written to `/var/log/varnish/varnishncsa.log` in an apache-compatible format. You should change your statistics generation software (e.g. awstats) to use that instead of apache logs.
58 50
59 -5b) Restart Varnish Logging service 51 +Thanks to Cosimo Streppone for varnish-accept-language. See http://github.com/cosimo/varnish-accept-language for more information.
60 52
61 - # invoke-rc.d varnishncsa restart 53 +6) Restart services
62 54
63 -Thanks to Cosimo Streppone for varnish-accept-language. See http://github.com/cosimo/varnish-accept-language for more information. 55 + # service apache2 restart
  56 + # service varnish restart
  57 + # service varnishncsa restart
etc/pound.cfg 0 → 100644
  Diff comments   View file @06d664a
@@ -0,0 +1,44 @@ @@ -0,0 +1,44 @@
  1 +LogLevel 1
  2 +Alive 10
  3 +Client 120
  4 +TimeOut 300
  5 +Control "/var/run/pound/poundctl.socket"
  6 +
  7 +ListenHTTP
  8 + Address 192.168.1.86
  9 + Port 80
  10 + xHTTP 1
  11 + # uncomment code above if you are using chat
  12 + #Service
  13 + # URL "/http-bind.*"
  14 + # Backend
  15 + # Address 127.0.0.1
  16 + # Port 5280
  17 + # End
  18 + #End
  19 + Service
  20 + Redirect "https://mydomain.example.com"
  21 + End
  22 +End
  23 +
  24 +ListenHTTPS
  25 + Address 192.168.1.86
  26 + Port 443
  27 + Cert "/etc/noosfero/ssl/noosfero.pem"
  28 + Ciphers "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
  29 + xHTTP 1
  30 + # uncomment code above if you are using chat
  31 + #Service
  32 + # URL "/http-bind.*"
  33 + # Backend
  34 + # Address 127.0.0.1
  35 + # Port 5280
  36 + # End
  37 + #End
  38 + Service
  39 + BackEnd
  40 + Address 127.0.0.1
  41 + Port 6081
  42 + End
  43 + End
  44 +End
public/javascripts/chat.js
  Diff comments   View file @06d664a
@@ -99,7 +99,7 @@ jQuery(function($) { @@ -99,7 +99,7 @@ jQuery(function($) {
99 }, 99 },
100 100
101 render_body_message: function(body) { 101 render_body_message: function(body) {
102 - body = body.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/\r?\n/g, '<br>'); 102 + body = body.replace(/\r?\n/g, '<br>');
103 body = $().emoticon(body); 103 body = $().emoticon(body);
104 body = linkify(body, { 104 body = linkify(body, {
105 callback: function(text, href) { 105 callback: function(text, href) {
@@ -320,7 +320,7 @@ jQuery(function($) { @@ -320,7 +320,7 @@ jQuery(function($) {
320 var jid_id = Jabber.jid_to_id(jid); 320 var jid_id = Jabber.jid_to_id(jid);
321 var name = Jabber.name_of(jid_id); 321 var name = Jabber.name_of(jid_id);
322 create_conversation_tab(name, jid_id); 322 create_conversation_tab(name, jid_id);
323 - Jabber.show_message(jid, name, message.body, 'other', Strophe.getNodeFromJid(jid)); 323 + Jabber.show_message(jid, name, escape_html(message.body), 'other', Strophe.getNodeFromJid(jid));
324 $.sound.play('/sounds/receive.wav'); 324 $.sound.play('/sounds/receive.wav');
325 return true; 325 return true;
326 }, 326 },
@@ -336,7 +336,7 @@ jQuery(function($) { @@ -336,7 +336,7 @@ jQuery(function($) {
336 // is a message from another user, not mine 336 // is a message from another user, not mine
337 else if ($own_name != name) { 337 else if ($own_name != name) {
338 var jid = Jabber.rooms[Jabber.jid_to_id(message.from)][name]; 338 var jid = Jabber.rooms[Jabber.jid_to_id(message.from)][name];
339 - Jabber.show_message(message.from, name, message.body, name, Strophe.getNodeFromJid(jid)); 339 + Jabber.show_message(message.from, name, escape_html(message.body), name, Strophe.getNodeFromJid(jid));
340 $.sound.play('/sounds/receive.wav'); 340 $.sound.play('/sounds/receive.wav');
341 } 341 }
342 return true; 342 return true;
@@ -432,7 +432,7 @@ jQuery(function($) { @@ -432,7 +432,7 @@ jQuery(function($) {
432 .c('body').t(body).up() 432 .c('body').t(body).up()
433 .c('active', {xmlns: Strophe.NS.CHAT_STATES}); 433 .c('active', {xmlns: Strophe.NS.CHAT_STATES});
434 Jabber.connection.send(message); 434 Jabber.connection.send(message);
435 - Jabber.show_message(jid, $own_name, body, 'self', Strophe.getNodeFromJid(Jabber.connection.jid)); 435 + Jabber.show_message(jid, $own_name, escape_html(body), 'self', Strophe.getNodeFromJid(Jabber.connection.jid));
436 }, 436 },
437 437
438 is_a_room: function(jid_id) { 438 is_a_room: function(jid_id) {
@@ -632,6 +632,13 @@ jQuery(function($) { @@ -632,6 +632,13 @@ jQuery(function($) {
632 } 632 }
633 } 633 }
634 634
  635 + function escape_html(body) {
  636 + return body
  637 + .replace(/&/g, '&amp;')
  638 + .replace(/</g, '&lt;')
  639 + .replace(/>/g, '&gt;');
  640 + }
  641 +
635 }); 642 });
636 643
637 function checkTime(i) { 644 function checkTime(i) {
util/chat/ejabberd.cfg 0 → 100644
  Diff comments   View file @06d664a
@@ -0,0 +1,74 @@ @@ -0,0 +1,74 @@
  1 +%%%
  2 +%%% Noosfero ejabberd configuration file
  3 +%%% This config must be in UTF-8 encoding
  4 +%%%
  5 +
  6 +{acl, admin, {user, "admin", "mydomain.example.com"}}.
  7 +{hosts, ["mydomain.example.com"]}.
  8 +
  9 +{loglevel, 4}.
  10 +{listen,
  11 + [
  12 + {5222, ejabberd_c2s, [
  13 + {access, c2s},
  14 + {shaper, c2s_shaper},
  15 + {max_stanza_size, 65536},
  16 + starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}
  17 + ]},
  18 + {5280, ejabberd_http, [
  19 + http_bind,
  20 + http_poll
  21 + ]}
  22 + ]}.
  23 +{max_fsm_queue, 1000}.
  24 +{auth_method, odbc}.
  25 +{odbc_server, "DSN=PostgreSQLEjabberdNoosfero"}.
  26 +{shaper, normal, {maxrate, 10000000}}.
  27 +{shaper, fast, {maxrate, 50000}}.
  28 +{acl, local, {user_regexp, ""}}.
  29 +{access, max_user_sessions, [{10, all}]}.
  30 +{access, local, [{allow, local}]}.
  31 +{access, c2s, [{deny, blocked},
  32 + {allow, all}]}.
  33 +{access, c2s_shaper, [{none, admin},
  34 + {normal, all}]}.
  35 +{access, announce, [{allow, admin}]}.
  36 +{access, configure, [{allow, admin}]}.
  37 +{access, muc_admin, [{allow, admin}]}.
  38 +{access, muc, [{allow, all}]}.
  39 +{access, pubsub_createnode, [{allow, all}]}.
  40 +{language, "pt"}.
  41 +{modules,
  42 + [
  43 + {mod_adhoc, []},
  44 + {mod_announce, [{access, announce}]}, % requires mod_adhoc
  45 + {mod_caps, []},
  46 + {mod_configure,[]}, % requires mod_adhoc
  47 + {mod_disco, []},
  48 + {mod_last, []},
  49 + {mod_muc, [
  50 + {access, muc},
  51 + {access_create, muc},
  52 + {access_persistent, muc},
  53 + {access_admin, muc_admin},
  54 + {max_users, 500},
  55 + {default_room_options, [{anonymous, false}]}
  56 + ]},
  57 + {mod_privacy_odbc, []},
  58 + {mod_private_odbc, []},
  59 + {mod_proxy65, [
  60 + {access, local},
  61 + {shaper, c2s_shaper}
  62 + ]},
  63 + {mod_roster_odbc, []},
  64 + {mod_stats, []},
  65 + {mod_time, []},
  66 + {mod_vcard, []},
  67 + {mod_http_bind, []},
  68 + {mod_version, []}
  69 + ]}.
  70 +
  71 +%%% Local Variables:
  72 +%%% mode: erlang
  73 +%%% End:
  74 +%%% vim: set filetype=erlang tabstop=8:
util/chat/odbc.ini 0 → 100644
  Diff comments   View file @06d664a
@@ -0,0 +1,16 @@ @@ -0,0 +1,16 @@
  1 +[PostgreSQLEjabberdNoosfero]
  2 +Description = PostgreSQL Noosfero ejabberd database
  3 +Driver = PostgreSQL Unicode
  4 +Trace = No
  5 +TraceFile = /tmp/psqlodbc.log
  6 +Database = noosfero
  7 +Servername = localhost
  8 +UserName = noosfero
  9 +Password = <copy the password present in the database.yml file>
  10 +Port =
  11 +ReadOnly = No
  12 +RowVersioning = No
  13 +ShowSystemTables = No
  14 +ShowOidColumn = No
  15 +FakeOidIndex = No
  16 +ConnSettings = SET search_path TO ejabberd
util/chat/odbcinst.ini 0 → 100644
  Diff comments   View file @06d664a
@@ -0,0 +1,7 @@ @@ -0,0 +1,7 @@
  1 +[PostgreSQL Unicode]
  2 +Description = PostgreSQL ODBC driver (Unicode version)
  3 +Driver = /usr/lib/odbc/psqlodbcw.so
  4 +Setup = /usr/lib/odbc/libodbcpsqlS.so
  5 +Debug = 0
  6 +CommLog = 1
  7 +UsageCount = 3