Don't leak the real JIDs of participants when using mentions in semi-anonymous rooms. #1451

Open: wants to merge 2 commits into base: master

@lumi-me-not commented Feb 21, 2019

Converse is leaking real JIDs of participants in semi-anonymous MUCs when a moderator mentions anyone. It also will sometimes not include a "uri" attribute, even though the XEP states that this is required.

I've fixed both of these issues, though I'm not sure if this is a good way of doing so.

lumi-me-not added some commits Feb 21, 2019

Don't send a participant's real jid in the mention if we are a moderator in a semi-anonymous or anonymous MUC.

Always add the "uri" attribute, as it is required according to the XEP.

jcbrand force-pushed the conversejs:master branch from 04f88d1 to 3e4f4e9 Feb 22, 2019

jcbrand force-pushed the conversejs:master branch from cbd2e47 to a0f5dfd Mar 15, 2019

@jcbrand (Member) commented Mar 23, 2019

Thank you for this PR @lumi-me-not

I wrote to the standards list about this PR.
https://mail.jabber.org/pipermail/standards/2019-March/035856.html

@iNPUTmice prefers to use real JIDs as far as possible, because nicknames aren't stable in MUCs. Anybody can take a nickname and thereby impersonate other users, or receive notifications for messages that were meant for someone else who used that nickname before them.

There is a workaround for this, for example registering nicknames with MUCs, which @mwild1 and I worked on in the context of Prosody and Converse, see `auto_register_muc_nickname`, but it's not widely deployed.

I think in light of all this, this change should be made configurable, with the current behavior being the default. The configuration setting can be called something like `muc_references` with the default value being `jid` and the other option being `nickname`.

(On a different, but related note, we should add validation for configuration settings to check that valid values are supplied).

Setting `auto_register_muc_nickname` to `true` and `muc_references` to `nickname` would solve the problem of unstable MUC nicknames (if the XMPP server supports MUC nickname registrations).
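
An added example, not code from this PR or from Converse: the two candidate `uri` values for a mention under the `jid` and `nickname` options discussed above, and a check that flags the one exposing a real JID in a semi-anonymous room. The helper names, the sample room and occupant, and the reading of "the XEP" as XEP-0372 (References) are assumptions.

```javascript
// Added example: hypothetical helpers, not code from Converse or this PR.
const REFERENCE_NS = 'urn:xmpp:reference:0'; // XEP-0372 (References), assumed

// room:     { jid, nonAnonymous }   nonAnonymous === false: semi-anonymous
// occupant: { nick, jid }           jid is the real JID; in a semi-anonymous
//                                   room only moderators get to see it
// mode:     'jid' | 'nickname'      option values proposed in the thread
function mentionUri(room, occupant, mode) {
    if (mode === 'jid' && occupant.jid) {
        // Reported behaviour: the real JID goes out whenever we know it.
        return `xmpp:${occupant.jid}`;
    }
    // Occupant JID (room@service/nick); always available, so "uri" is never
    // missing. encodeURIComponent is a simplification of RFC 5122 escaping.
    return `xmpp:${room.jid}/${encodeURIComponent(occupant.nick)}`;
}

// Check for an outgoing reference: in a semi-anonymous room the uri must
// stay inside the room's own address.
function leaksRealJid(room, uri) {
    const bare = uri.replace(/^xmpp:/, '').split('/')[0];
    return !room.nonAnonymous && bare.toLowerCase() !== room.jid.toLowerCase();
}

function escapeAttr(value) {
    return value.replace(/&/g, '&amp;').replace(/</g, '&lt;')
        .replace(/>/g, '&gt;').replace(/'/g, '&apos;');
}

// Serialised <reference/>; the optional begin/end offsets are omitted here.
function referenceXml(uri) {
    return `<reference xmlns='${REFERENCE_NS}' type='mention' uri='${escapeAttr(uri)}'/>`;
}

// Constructed sample data: a moderator's view of a semi-anonymous room.
const room = { jid: 'lounge@muc.example.org', nonAnonymous: false };
const romeo = { nick: 'Romeo M', jid: 'romeo@example.net' };

for (const mode of ['jid', 'nickname']) {
    const uri = mentionUri(room, romeo, mode);
    console.log(mode, leaksRealJid(room, uri) ? 'LEAK' : 'ok', referenceXml(uri));
}
```
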

@mwild1 commented Mar 23, 2019

Wondering aloud if we could just add stable ids to MUC participants...

jcbrand force-pushed the conversejs:master branch 2 times, most recently from 37cfa36 to f1899d0 Apr 10, 2019

jcbrand force-pushed the conversejs:master branch from 6a1d4ec to a1630b5 Jul 11, 2019
