%ents; ]>
Data Forms Media Element This specification defines an XMPP protocol extension for including media data in XEP-0004 data forms. &LEGALNOTICE; 0221 Proposed Standards Track Standards XMPP Core XEP-0004 None None NOT_YET_ASSIGNED &ianpaterson; &stpeter; 0.3 2008-06-18 psa

Changed MUST to SHOULD regarding inclusion of uri element; allowed inclusion of codecs parameter in type attribute per RFC 4281; added Security Considerations section.

0.2 2008-01-30 psa

Modified to reuse data element from XEP-0231.

0.1 2007-07-11 psa/ip

Initial version, split off from XEP-0158.

In certain protocols that make use of &xep0004;, it can be helpful to include media data such as small images. One example of such a "using protocol" is &xep0158;. This document defines a method for including media data in a data form.

The root element for media data is <media/>. This element MUST be qualified by the "urn:xmpp:tmp:media-element' namespace &NSNOTE;. The <media/> element MUST be contained within a <field/> element qualified by the 'jabber:x:data' namespace.

If the media is an image or video then the <media/> element SHOULD include 'height' and 'width' attributes specifying the recommended display size of the media in pixels.

The <media/> element SHOULD contain at least one <uri/> element to specify the out-of-band location of the media data. Constrained execution environments prevent some clients (e.g., Web clients) from rendering media unless it has been received out-of-band. If included, the <uri/> element MUST contain a URI that indicates the location and MUST include a 'type' atribute that specifies the MIME type (see &rfc2045;) of the media. The MIME type SHOULD be as registered in the &ianamedia;. The 'type' attribute MAY include the codecs parameter as specified in &rfc4281;, as shown in the example of the "audio/ogg" media type in the example below.

The <media/> element MAY also contain one or more <data/> elements for distributing the media in-band. The <data/> element MUST be qualified by the 'urn:xmpp:tmp:data-element' as defined in &xep0231;. The encoded data SHOULD NOT be larger than 8 kilobytes. If a stanza contains more than one <data/> element, the sending entity MUST take care not to trigger server-defined bandwidth limits.

http://victim.example.com/challenges/speech.wav?F3A6292C http://victim.example.com/challenges/speech.ogg?F3A6292C http://victim.example.com/challenges/speech.mp3?F3A6292C [ ... base64-encoded-audio ... ] ]]>

The following example is provided only for the purpose of illustration; consult the specifications for using protocols to see canonical examples.

[ ... ] http://www.victim.com/challenges/ocr.jpeg?F3A6292C ** Base64 encoded image ** [ ... ] ]]>

The ability to include arbitrary binary data implies that it is possible to send scripts, applets, images, and executable code, which may be potentially harmful. To reduce the risk of such exposure, an implementation MAY choose to not display or process such data but instead either completely ignore the data, show only the value of the 'alt' attribute (if included), or prompt a human user for approval (either explicitly via user action or implicitly via a list of approved entities from whom the user will accept binary data without per-event approval).

This document requires no interaction with &IANA;.

Until this specification advances to a status of Draft, its associated namespace shall be "urn:xmpp:tmp:media-element"; upon advancement of this specification, the ®ISTRAR; shall issue a permanent namespace in accordance with the process defined in Section 4 of &xep0053;.

]]>