mirror of
https://github.com/moparisthebest/xeps
synced 2024-12-23 08:08:53 -05:00
XEP-0333: Clarify security note further
This commit is contained in:
parent
0915bd786b
commit
928513d81d
@ -250,12 +250,13 @@
|
||||
even maliciously reused by another MUC occupant.</p>
|
||||
|
||||
<p>Therefore, if a MUC announces support for &xep0359; then clients MUST always use
|
||||
the MUC-assigned id for Chat Markers. The id will be contained in a <stanza-id>
|
||||
the MUC-assigned id for Chat Markers. The id will be contained in a <stanza-id/>
|
||||
element inserted into the stanza with a 'by' attribute matching the MUC's own JID.</p>
|
||||
|
||||
<p>As per XEP-0359 security considerations, if XEP-0359 support is not announced then
|
||||
<stanza-id/> elements with a 'by' attribute that match the MUC's own JID should
|
||||
be considered spoofed and MUST be ignored.</p>
|
||||
<p>As per XEP-0359 security considerations, if XEP-0359 support is not announced on the
|
||||
MUC room's JID then <stanza-id/> elements with a 'by' attribute that match the
|
||||
MUC's JID should be considered spoofed and MUST be ignored.</p>
|
||||
|
||||
<example caption='Example MUC message with a markable Chat Marker'>
|
||||
<![CDATA[
|
||||
<message
|
||||
|
Loading…
Reference in New Issue
Block a user