In yesterday's XMPP Council meeting we had some discussion about whether and how to include media objects in data forms (cf. XEP-0221):
http://logs.jabber.org/[EMAIL PROTECTED]/2008-04-30.html#14:51:46 This matters because we need something like this so that we can include CAPTCHAs in registration forms. Ralph Meijer objected that he doesn't see a good place for media objects in data forms. I proposed that we could do something like this (note the <data/> element from XEP-0231): <message from='victim.com' to='[EMAIL PROTECTED]/zombie' xml:lang='en' id='F3A6292C'> <challenge xmlns='urn:xmpp:tmp:challenge'> <x xmlns='jabber:x:data' type='form'> [ ... ] <field var='picture_recog'> <media xmlns='xmlns='urn:xmpp:tmp:media-element' height='150' width='150'> <uri type='image/jpeg'> http://www.victim.com/challenges/picture.jpeg?F3A6292C </uri> ==> <data xmlns='urn:xmpp:tmp:data-element' ==> cid:[email protected] ==> </data> </media> </field> [ ... ] </x> </challenge> </message> Then if the recipient needs to retrieve the data via XMPP (e.g., because it cannot access sites via HTTP because of socket limitations) it can do so as described in XEP-0231: <iq from='[EMAIL PROTECTED]/zombie' id='get-data-1' to='victim.com' type='get'> <data xmlns='urn:xmpp:tmp:data-element' cid='[EMAIL PROTECTED]'/> </iq> Alternatively, we could specify that the <media/> element shall contain only URIs and never direct data (which is essentially what the cid: URL does). Or we we could not use cid: URLs at all but instead define a new URI scheme (or reuse the xmpp: scheme with a special action) for data reference and retrieval. Thoughts? Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
