Don't leak the real JIDs of participants when using mentions in semi-anonymous rooms. #1451
Conversation
…or in a semi-anonymous or anonymous MUC. Always add the "uri" attribute, as it is required according to the XEP.
|
Thank you for this PR @lumi-me-not I wrote to the standards list about this PR. @iNPUTmice prefers to use real JIDs as far as possible, because nicknames aren't stable in MUCs. Anybody can take a nickname and thereby impersonate other users, or receive notifications for messages that were meant for someone else who used that nickname before them. There is a workarounds for this, for example registering nicknames with MUCs, which @mwild1 and I worked on in the context of Prosody and Converse, see auto_register_muc_nickname, but it's not widely deployed. I think in light of all this, this change should be made configurable, with the current behavior being the default. The configuration setting can be called something like (On a different, but related note, we should add validation for configuration settings to check that valid values are supplied). Setting |
|
Wondering aloud if we could just add stable ids to MUC participants... |
jcbrand
force-pushed
the
master
branch
2 times, most recently
from
37cfa36
to
f1899d0
Compare
jcbrand
force-pushed
the
master
branch
2 times, most recently
from
aa8c887
to
d7d810b
Compare
It's probably worthwhile revisiting this MR now that we have stable MUC participant ids via XEP-0421 (which Converse already supports) |
Converse is leaking real JIDs of participants in semi-anonymous MUCs when a moderator mentions anyone, it also will sometimes not include a "uri" attribute, even though the XEP states that this is required.
I've fixed both of these issues, though I'm not sure if this is a good way of doing so.