moparisthebest/xeps
1
0
Fork 0
mirror of https://github.com/moparisthebest/xeps synced 2024-11-23 01:32:22 -05:00
Code Issues Releases Wiki Activity

XEP-0333: Clarify security note further

Browse Source
This commit is contained in:
Matthew Wild 2020-04-15 15:38:02 +01:00 committed by Maxime “pep” Buquet
parent 0915bd786b
commit 928513d81d
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
xep-0333.xml
View File

@ -250,12 +250,13 @@
even maliciously reused by another MUC occupant.</p> even maliciously reused by another MUC occupant.</p>
<p>Therefore, if a MUC announces support for &xep0359; then clients MUST always use <p>Therefore, if a MUC announces support for &xep0359; then clients MUST always use
the MUC-assigned id for Chat Markers. The id will be contained in a &lt;stanza-id&gt; the MUC-assigned id for Chat Markers. The id will be contained in a &lt;stanza-id/&gt;
element inserted into the stanza with a 'by' attribute matching the MUC's own JID.</p> element inserted into the stanza with a 'by' attribute matching the MUC's own JID.</p>
<p>As per XEP-0359 security considerations, if XEP-0359 support is not announced then <p>As per XEP-0359 security considerations, if XEP-0359 support is not announced on the
&lt;stanza-id/&gt; elements with a 'by' attribute that match the MUC's own JID should MUC room's JID then &lt;stanza-id/&gt; elements with a 'by' attribute that match the
be considered spoofed and MUST be ignored.</p> MUC's JID should be considered spoofed and MUST be ignored.</p>
<example caption='Example MUC message with a markable Chat Marker'> <example caption='Example MUC message with a markable Chat Marker'>
<![CDATA[ <![CDATA[
<message <message