This now reassembles a URL from the path, query, and fragment supplied, and
ignores the scheme and network location portions entirely.

Thus http://www.google.com/foo redirects to /foo only.

Credit to Jonathan Bush, Security Consultant at
ProCheckUp http://www.procheckup.com

Added UTF-8 support for readme and changelog files

Fixed the issue that creates an empty line after each line of HTML code,
which can break the layout by using <pre>

This patch rewritten to avoid reformatting by Dave Cridland <dave@cridland.net>

Double-check removed, streamlining logic.

Jitsi Videobridge: Fixes Jitsi VideoBridge Plugin problem redirects to webrtcrequired.html. See https://community.igniterealtime.org/thread/52934

OF-831: A typo on Database Settings page during setup

MUC Service Plugin 0.2.0

- Extended the service with /participants endpoint to get all room
participants
- Extended the muc service to manage chat room roles (owners, admins,
members, outcasts)

Update user-lockout.jsp

typo prevents custom minute setting

Update registration-props-form.jsp

missing close tag ">"

Quick fix for old-skool Jabber on S2S

MUC Service Plugin. I adding this to complement the User Service plugin.

This cannot be enforced strictly for openfire IQ handlers to process packets for custom namespaces. I am modifying the original fix to exclude IQ handlers and also check for anonymous users.

S2s fixes. Thanks for doing this. I am experimenting with websockets for Openfire s2s and I need these fixes.

OF-709: Somewhere between my initial commit, Flow's squashing and the code review, this code change was dropped. It is required to enable access to http-bind root folder for static web pages.

OF-823 Numeric overflow in MUCPersistenceManager when loading history ol...

This adds TLS information and Authentication choices to the server session
details page.

In doing so, it factors out a ServerSession interface, and LocalServerSession
class.

Now subsumed by other checks.

A few changes here:

1) Don't recurse up the DNS tree. That's just wrong.

2) Also, don't assume that a subdomain is handled by a parent domain's server.
Still wrong.

3) Check certificates post-connect using our new logic, and drop the session
if they don't match and we're not meant to be doing dialback.

4) Do use EXTERNAL if offered, even if we're using a self-signed certificate.
There's no value in not doing so, it's a bizarre behaviour.

5) Disable S2S Compression; it's currently not working. XPP reset seems to fail,
so doing replacement of the input stream instead.

6) Protect against a null features after TLS. Seems unlikely to happen, but
still.

If a server requires TLS, it will reject our attempts to verify a dialback
key currently. Log this in the logs rather than (confusingly) ignoring it.

When processing a <db:result/>, this checks for the certificate first. If
this matches, then we don't bother actually dialling back, speeding up the
session setup.

This factors out the certificate verification function.

See XEP-0220, Dialback Errors.

This reduces disconnect in the case of piggybacking errors, and provides better
diagnostics.

Remove activation.jar - It's bundled since Java6