On Thursday 23 October 2008 16:33:13 Dave Cridland wrote:
> there's some suggested RFC text as a prize.

While I'm in the camp that feels the server should sanitize the stream, I agree with all of your proposed text. The fact is that today the majority of servers don't sanitize, so clients absolutely need workarounds, and implementors need to be aware of this.

Your text says, "XMPP entities MUST generate namespace well-formed stanzas." Aside from being an obvious mandate to clients, I read this to also mean that a server becomes non-compliant by routing non-namespace well-formed stanzas. But I don't think that's what you intended?

> think existing clients actually tend to deal with the stanza as best
> as they can, by treating the prefix as if it were declared to an
> unknown namespace, which seems reasonable behaviour. This isn't just
> Gajim, I copied the behaviour from Pidgin and Psi, which appear to do
> the same.

To comment on Psi: it's a matter of luck that Psi is not exploding from bad prefixes. We use the off-the-shelf Qt SAX parser, which handles namespaces, but does not report bad prefixes fatally. While I'm happy Psi is immune to these DoS attacks, I can't help but wonder if our parser is buggy for not erroring out. I guess we sit back and pray it is never "fixed"? :)

I agree with the other David, that long-term we need to be able to use standard XML tools. Your only hope in convincing us that prefix sanitization is not a server job is if you can show that non-fatal handling of bad prefixes is near universal among XML parsers. I'll admit I don't know what the majority of parsers do. Maybe we should poll XML parser developers, as well as determine W3C's intent.

-Justin
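
The two parser behaviours discussed in this message, as an added example that is not part of the original thread or any project's code: a check a server could run before routing a stanza, using Python's expat bindings. The function names, the `STREAM_NS` mapping, the synthetic `wrapper` root and the sample stanzas are constructed for illustration.

```python
import xml.parsers.expat as expat
from xml.sax.saxutils import quoteattr

# Assumption: namespaces declared on the enclosing stream header (constructed).
STREAM_NS = {"": "jabber:client", "stream": "http://etherx.jabber.org/streams"}


def _wrap(stanza, in_scope):
    """Place the stanza under a synthetic root carrying the stream's declarations."""
    decls = " ".join(
        "xmlns:%s=%s" % (prefix, quoteattr(uri)) if prefix else "xmlns=%s" % quoteattr(uri)
        for prefix, uri in in_scope.items()
    )
    return "<wrapper %s>%s</wrapper>" % (decls, stanza)


def check_stanza(stanza, in_scope=STREAM_NS, namespace_aware=True):
    """Return (True, None) if the stanza parses as one element, else (False, reason).

    namespace_aware=True makes expat resolve prefixes, so an undeclared prefix
    is a fatal error. namespace_aware=False treats ':' as an ordinary name
    character, which is the lenient behaviour the message describes.
    """
    parser = expat.ParserCreate(namespace_separator=" " if namespace_aware else None)
    depth, top_level = [0], [0]

    def start(name, attrs):
        if depth[0] == 1:  # direct child of the synthetic wrapper
            top_level[0] += 1
        depth[0] += 1

    def end(name):
        depth[0] -= 1

    parser.StartElementHandler = start
    parser.EndElementHandler = end
    try:
        parser.Parse(_wrap(stanza, in_scope), True)
    except expat.ExpatError as exc:
        return False, expat.ErrorString(exc.code)
    if top_level[0] != 1:
        return False, "expected exactly one stanza element"
    return True, None


# Constructed sample stanzas: the first uses a prefix that is never declared.
BAD = '<message to="a@example.com"><body>hi</body><x:data/></message>'
GOOD = '<message to="a@example.com"><x:data xmlns:x="urn:example:constructed"/></message>'
```

A server applying this check would drop or reject `BAD` before routing, while a parser run without namespace processing accepts the same bytes.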
