Difference between revisions of "XEP-Remarks/XEP-0313: Message Archive Management"

From XMPP WIKI
Jump to navigation Jump to search
(Created page with "= XEP-0313: Message Archive Management = == Missing "Give the the last N messages starting from the oldest" query ==")
 
(→‎Client-side Processing: Add CVE-2020-26547 in Monal)
 
(4 intermediate revisions by 3 users not shown)
Line 1: Line 1:
= XEP-0313: Message Archive Management =
{{remarks}}


= Client-side Processing =


== Missing "Give the the last N messages starting from the oldest" query ==
'''Forwarded messages MUST NOT be accepted from JIDs other than the user's bare account JID''', or else:
 
* [https://gultsch.de/dino_multiple.html CVE-2019-16235+ Multiple Vulnerabilities found in Dino]
* [https://op-co.de/tmp/CVE-2017-5589.html CVE-2017-5589+ Multiple XMPP Clients User Impersonation Vulnerability] (similar, but not identical issue)
* [https://monal.im/blog/cve-2020-26547/  CVE-2020-26547 Missing verification of origin of MAM results in Monal]
 
= Missing "Give the the last N messages starting from the oldest" query =

Latest revision as of 17:35, 31 January 2021

This is a page for information about XEP-Remarks/XEP-0313: Message Archive Management, including errata, comments, questions, and implementation experience.

Client-side Processing

Forwarded messages MUST NOT be accepted from JIDs other than the user's bare account JID, or else:

Missing "Give the the last N messages starting from the oldest" query