mirror of
https://github.com/moparisthebest/xeps
synced 2024-12-21 23:28:51 -05:00
include publisher with any item retrieval
This commit is contained in:
parent
277ec124d2
commit
5b801baa58
17
xep-0060.xml
17
xep-0060.xml
@ -2718,6 +2718,23 @@ And by opposing end them?
|
||||
</event>
|
||||
</message>
|
||||
]]></example>
|
||||
<p>If so, the service MUST also include the publisher with every other form of item retrieval.</p>
|
||||
<example caption='Service returns items'><![CDATA[
|
||||
<iq type='result'
|
||||
from='pubsub.shakespeare.lit'
|
||||
to='francisco@denmark.lit/barracks'
|
||||
id='items1'>
|
||||
<pubsub xmlns='http://jabber.org/protocol/pubsub'>
|
||||
<items node='princely_musings'>
|
||||
<item id='ae890ac52d0df67ed7cfdf51b644e901'
|
||||
publisher='hamlet@denmark.lit'>
|
||||
[ ... ENTRY ... ]
|
||||
</item>
|
||||
[ ... MORE ITEMS ... ]
|
||||
</items>
|
||||
</pubsub>
|
||||
</iq>
|
||||
]]></example>
|
||||
<p>The value of the 'publisher' attribute MUST be generated by the service, not accepted by the service in the published item, since allowing the publisher to assert its JID would open the possibility of spoofing.</p>
|
||||
<p>The JID stamped by the service can be either (1) the full JID &LOCALFULL; of the publisher as taken the 'from' attribute of the IQ-set used to publish the item or (2) the bare JID &LOCALBARE; of the publisher as derived from a formal affiliation in the explicit list of whitelisted publishers.</p>
|
||||
</section4>
|
||||
|
Loading…
Reference in New Issue
Block a user