HTTP File Upload should work from within a browser, considering correct CORS headers are set, right?
MattJ
Correct
good-natured_old_robothas left
good-natured_old_robothas joined
good-natured_old_robothas left
good-natured_old_robothas joined
Dele Olajidehas left
florettahas joined
good-natured_old_robothas left
good-natured_old_robothas joined
singpolymahas joined
Dele Olajidehas joined
adiaholichas joined
Alexhas left
konstantinoshas left
konstantinoshas joined
atomicwatchhas left
atomicwatchhas joined
kinetikhas joined
sebastianhas left
sebastianhas joined
menelhas joined
konstantinoshas left
adiaholichas left
xnamedhas left
adiaholichas joined
djorzhas left
xnamedhas joined
Alexhas joined
andrey.ghas joined
Skull Fuckerhas left
Alexhas left
adiaholichas left
Andrzejhas left
Tobias
https://pastebin.com/raw/DeG71TxK any clues why it would say "unknown slot"
Tobias
wrong room
adiaholichas joined
Alexhas joined
Tobiashas left
Andrzejhas joined
Tobiashas joined
debaclehas joined
Dele Olajidehas left
Andrzejhas left
adiaholichas left
gooyahas left
Alastair Hoggehas left
Alexhas left
Alastair Hoggehas joined
gooyahas joined
adiaholichas joined
djorzhas joined
Alexhas joined
Paganinihas joined
rebeld22has joined
Samhas left
adiaholichas left
Samhas joined
wgreenhousehas left
Dele Olajidehas joined
brunrobehas left
Marandahas left
Mjolnir Archonhas left
adiaholichas joined
djorzhas left
djorzhas joined
Dele Olajidehas left
Ge0rGhas left
thndrbvrhas left
adiaholichas left
Dele Olajidehas joined
Ge0rGhas joined
florettahas left
florettahas joined
Mjolnir Archonhas joined
brunrobehas joined
Marandahas joined
Samhas left
adiaholichas joined
neshtaxmpphas left
neshtaxmpphas joined
konstantinoshas joined
Samhas joined
xnamedhas left
good-natured_old_robothas left
Samhas left
Samhas joined
atomicwatchhas left
good-natured_old_robothas joined
Titihas left
Titihas joined
eevvoorhas joined
atomicwatchhas joined
Mikaelahas left
playerthreehas joined
atomicwatchhas left
good-natured_old_robothas left
good-natured_old_robothas joined
moparisthebesthas left
moparisthebesthas joined
xnamedhas joined
Samhas left
Samhas joined
good-natured_old_robothas left
good-natured_old_robothas joined
wgreenhousehas joined
moparisthebesthas left
atomicwatchhas joined
djorzhas left
moparisthebesthas joined
adiaholichas left
Titihas left
Titihas joined
Tim Rhas left
adiaholichas joined
adiaholichas left
atomicwatchhas left
atomicwatchhas joined
good-natured_old_robothas left
Mikaelahas joined
neshtaxmpphas left
neshtaxmpphas joined
adiaholichas joined
nycohas joined
eevvoorhas left
florettahas left
djorzhas joined
xnamedhas left
antranigvhas left
moparisthebesthas left
nycohas left
moparisthebesthas joined
harry837374884has left
Mikaelahas left
Mikaelahas joined
playerthreehas left
xnamedhas joined
lovetox
im reading XEP-0388
lovetox
> At any time while authentication is in progress, neither Client nor Server sends any element (including stanzas) or other data except the top-level elements defined herein. Clients MUST NOT send whitespace, and MUST send only <response/> elements as appropriate or an <abort/> element to immediately cause an error.
lovetox
why am i not allowed to send a whitespace?
Kevhas left
singpolymahas left
harry837374884has joined
debaclehas left
good-natured_old_robothas joined
antranigvhas joined
singpolymahas joined
florettahas joined
sernickhas joined
moparisthebesthas left
moparisthebesthas joined
andrey.ghas left
adiaholichas left
moparisthebest
Unsure about this, I think I hate it https://delta.chat/en/2022-06-14-webxdcintro
Titihas left
Zash
> web
definitely hate it
Samhas left
adiaholichas joined
Samhas joined
Steve Killehas left
djorzhas left
Titihas joined
Kevhas joined
Samhas left
Steve Killehas joined
Kevhas left
moparisthebest
I can't find info about how they are sandboxed, which makes me think they put no thought into that and assumed ancient vuln riddled Android bundled webview is enough, yikes
Guus
what is the intended behavior in pubsub, when a subscriber (subscribed with a bare JID) is online with more than one resource, when a new publication occurs?
Zash
Guus: event notification sent to the bare jid, receiving server does forking like with any other message?
good-natured_old_robothas left
raghavgururajanhas left
antranigvhas left
Samhas joined
jinxdhas joined
Kevhas joined
archas left
archas joined
Guus
Openfire might be doing 'any other message' wrong
singpolymahas left
MattJ
moparisthebest: time to bundle converse.js as a .xdc?
moparisthebest
MattJ: ooh ingenious, suddenly all 50 deltachat users are now XMPP users
debaclehas joined
antranigvhas joined
good-natured_old_robothas joined
singpolymahas joined
MattJ
https://docs.webxdc.org/spec.html#messenger-implementation has some notes about sandboxing
florettahas left
Kevhas left
archas left
chipmnkhas left
chipmnkhas joined
Mikaelahas left
archas joined
pjnhas left
moparisthebest
So... No internet access other than they can transmit unlimited messages? :thinking:
florettahas joined
antranigvhas left
adiaholichas left
moparisthebest
Anyone get a chance to look at https://xmpp.org/extensions/inbox/xmpp-over-quic.html or https://xmpp.org/extensions/inbox/websocket-s2s.html yet ?
MattJ
Not yet
pjnhas joined
adiaholichas joined
neshtaxmpphas left
neshtaxmpphas joined
Zash
They looked short and I'm skeptical of keeping the framing that was added because browser clients supposedly can't parse streaming XML.
MattJ
Zash, even before websockets there were people arguing for framing. I'm not strongly one way or the other, but it certainly makes some things easier
colemanhas left
MattJ
Quite a few things, in fact
moparisthebest
Not changing websocket at all makes it trivial to add support with approximately one if statement
Thilo Molitorhas left
moparisthebest
I would argue for XMPP 2.0 we should add explicit framing even for TLS/quic streams
moparisthebest
Not having it is the source of countless bugs and security issues
MattJ
We already have framing in XMPP over websocket
MattJ
Oh, I misread what you said, ignore me
Thilo Molitorhas joined
Zash
I mean the XML fiddlery that makes xmpp-over-ws ≠xmpp + ws
Zash
MattJ, weren't all our recent security and memory consumption issues _because_ of per-message XML parsing?
MattJ
:)
moparisthebest
Yea I don't like the changing namespace, I would love to keep it jabber:server actually
Zash
And I think I just dropped 25% of RSS by cutting down on similar stuff.
Zash
If anything I'd want a websocket subprotocol where you just send normal XMPP over websocket (with the websocket framing, but without the <open/> and whatnot)
moparisthebest
The prosody memory hog bug was due to lack of framing and so was the recent zoom ejabberd/gloox bug
moparisthebest
Zash: yes that would make way more sense imho
MattJ
But then web clients have to implement streaming parsers
Zash
No
xeckshas left
Zash
Servers would need to support two methods
xeckshas joined
moparisthebest
They can just pretend the stream header is a stand alone stanza
MattJ
Zash, I'm not a fan of yet more ways to do things
konstantinoshas left
archas left
MattJ
More ways to do things -> more surface area to maintain and for bugs and security issues to hide in
Zash
Therefore ... s2s over websockets?
moparisthebest
We can save that for the upcoming replacement to websockets
Zash
s2s over tcp + s2s over tls isn't enough?
archas joined
Zash
If it's meant to solve the problem that certain hosting providers are strictly http-only, isn't this _not_ going to solve that until 100% of servers implement it?
Zash
A problem IMO should be solved by not giving such providers any business whatsoever
moparisthebest
Gotta start somewhere I guess
MattJ
Yeah, I'm not really sure about s2s-over-ws
Zash
Fix your providers and firewalls!
moparisthebest
I've already seen a hundred questions in Snikket about why it can't run behind an http proxy
Zash
Working around those problems just moves us towards the future where only the web is allowed
Zash
I don't want to live in that future
moparisthebest
It's already here, we live in the bad place
MattJ
moparisthebest, and you want to replace them with "why can't I contact someone on <any other XMPP domain>?" :)
moparisthebest
I get the impression those people don't know federation exists anyway
Zash
Other wording of that is that you have the same deployment problem as DANE&DNSSEC
MattJ
We already have some of that simply due to requiring valid TLS certificates!
MattJ
Which you would think wouldn't be too much to ask in 2022
singpolymahas left
moparisthebest
I think the whole point is servers that already implement c2s websocket can turn this on easily
Zash
With s2s the hard part is usually the outgoing connections
Zash
At least it has been in Prosody every time, i.e. for IPv6 and direct TLS
Zash
and unless you mean your proxy, I imagine some refactoring would be needed for incoming too
marc0shas left
moparisthebest
Fair... I just took all that away from prosody, xmpp-proxy does all the lookups and TLS