1
0
mirror of https://github.com/moparisthebest/xeps synced 2024-12-23 08:08:53 -05:00

XEP-0333: Clarify security note further

This commit is contained in:
Matthew Wild 2020-04-15 15:38:02 +01:00 committed by Maxime “pep” Buquet
parent 0915bd786b
commit 928513d81d

View File

@ -250,12 +250,13 @@
even maliciously reused by another MUC occupant.</p>
<p>Therefore, if a MUC announces support for &xep0359; then clients MUST always use
the MUC-assigned id for Chat Markers. The id will be contained in a &lt;stanza-id&gt;
the MUC-assigned id for Chat Markers. The id will be contained in a &lt;stanza-id/&gt;
element inserted into the stanza with a 'by' attribute matching the MUC's own JID.</p>
<p>As per XEP-0359 security considerations, if XEP-0359 support is not announced then
&lt;stanza-id/&gt; elements with a 'by' attribute that match the MUC's own JID should
be considered spoofed and MUST be ignored.</p>
<p>As per XEP-0359 security considerations, if XEP-0359 support is not announced on the
MUC room's JID then &lt;stanza-id/&gt; elements with a 'by' attribute that match the
MUC's JID should be considered spoofed and MUST be ignored.</p>
<example caption='Example MUC message with a markable Chat Marker'>
<![CDATA[
<message