XMPP Service Operators - 2019-08-27

  1. tom

    I was going over the spec for http_upload

  2. tom

    Would it make sense to add a TTL to the standard so you can optionally set an expirey policy?

  3. tom

    for exmaple PUT https://upload.someserver.com/file&v=someauthcode&ttl=6300

  4. MattJ

    tom, yes, I think it would make sense (though it would probably be part of the slot request, not the URL - the server generates the URL)

  5. MattJ

    But the server operator may want to put an upper limit on retention time

  6. MattJ

    and then it starts to get complicated, as we also have quotas (limits in size, rather than time)

  7. MattJ

    Most servers are already expiring old user uploads, but they all have different policies about when and how

  8. mathieui

    may I point out that pea has been connecting and disconnecting at least two times per minutes for quite a while?

  9. tom

    mathieui, the way I currently do it is I delete all files that are more than 30 days old with a bash oneliner in a cronjob

  10. tom

    0 5 * * 1 find /var/www/upload.mydomain.com/htdocs/* -mtime +30 -delete

  11. tom


  12. tom

    is it the XMPP server itself that keeps track of user quota or the upload server's job?

  13. tom

    I would think it's the XMPP server because that's the thing generating the unique upload auth codes

  14. tom

    that would also make sense why the newer version also verifies mime and size upload-server side in case the xmpp server had upload filtering policies and with the current version implemented in perl, you could bypass upload policies with a modifed client because the auth code is still code even if you send different data that what you told the XMPP server you would send