mod_bosh

BOSH allows clients to use HTTP to communicate with XMPP servers. Often used to allow browser based webclients to connect to an XMPP server, BOSH is also useful in situations where a user is behind a firewall or NAT is preventing connections to the required server ports.

Details

mod_bosh implements XEP-0124 and XEP-0206. For more advanced configuration options see Setting up a BOSH server.

Usage

modules_enabled = {
    -- Other modules
    "bosh"; -- Enable mod_bosh
}

Configuration

Note that these options only work in the global section of the config.

Option Default Notes
bosh_max_inactivity 60 Maximum amount of time in seconds a client may remain silent for, with no requests
consider_bosh_secure false If true then BOSH connections will be allowed when requiring encryption, even if unencrypted

Cross-domain (CORS) configuration

Starting with Prosody 0.12, mod_bosh allows cross-domain requests by default. This is the most common deployment choice, and no further configuration is necessary.

If, for some reason, you wish to modify the CORS configuration, you can do this via Prosody’s HTTP configuration starting with Prosody 0.12.1.

In Prosody 0.11 and earlier, cross-origin access is disabled by default. You can instead set the cross_domain_bosh option to true (allow all origins) or a list of origins to allow (e.g. { "http://jabber.org", "http://prosody.im" }).

Advanced options

⚠️ These advanced options are best left at their defaults unless you know what you are doing

Option Default Notes
bosh_default_hold 1 Maximum number of requests the server will hold open for a client
bosh_max_requests 2 Maximum number of requests a client may make to the server at a time
bosh_max_wait 120 The maximum amount of time a single request will be held open by Prosody with no response. Clients may request a lower value for a given session.
trusted_proxies { "127.0.0.1", "::1" } A list of proxies to trust, used to find a client's real IP

Example

modules_enabled = {
    -- Other modules
    "bosh"; -- Enable mod_bosh
}
 
 
bosh_max_inactivity = 60
consider_bosh_secure = true -- Use if proxying HTTPS->HTTP on the server side