[jdev] stanzaFrom cheat
Matthew A. Miller
linuxwolf at outer-planes.net
Wed May 26 11:06:24 CDT 2004
If the receiver is on the same server as the sender, there's little that
can be done. If they're on different servers, the receiver's server
should be rejecting it.
Please see http://www.jabber.org/ietf/draft-ietf-xmpp-core-24.html and
http://www.jabber.org/ietf/draft-ietf-xmpp-im-22.html for more information.
- LW
gregoire athanase wrote:
>ok I did not notice that.
>
>but that means that if I change the code of my jabber
>server, I can cheat. is it true?
>how can the receiver know that the sender is the good
>one?
>
>
>--- Julian Missig <julian at jabber.org> wrote:
>
>
>>If you look at the receiving end the receiver will
>>have the correct
>>"from" attribute rather than your cheated one. The
>>Jabber server will
>>overwrite your from if it's incorrect.
>>
>>Julian
>>
>>
>>On 26 May, 2004, at 11:19, gregoire athanase wrote:
>>
>>
>>
>>>hi,
>>>
>>>i tried to cheat on the stanza "from" attribute
>>>
>>>
>>with
>>
>>
>>>my server, which did not seem to notice anything
>>>suspiscious and dispatched the stanzas according
>>>
>>>
>>to
>>
>>
>>>the stanza "to" attribute.
>>>
>>>can the receiver know that the value has been
>>>cheatted?
>>>
>>>
>>>
>>>
>>>
>>>__________________________________
>>>Do you Yahoo!?
>>>Friends. Fun. Try the all-new Yahoo! Messenger.
>>>http://messenger.yahoo.com/
>>>_______________________________________________
>>>jdev mailing list
>>>jdev at jabber.org
>>>https://jabberstudio.org/mailman/listinfo/jdev
>>>
>>>
>>_______________________________________________
>>jdev mailing list
>>jdev at jabber.org
>>https://jabberstudio.org/mailman/listinfo/jdev
>>
>>
>
>
>
>
>
>__________________________________
>Do you Yahoo!?
>Friends. Fun. Try the all-new Yahoo! Messenger.
>http://messenger.yahoo.com/
>_______________________________________________
>jdev mailing list
>jdev at jabber.org
>https://jabberstudio.org/mailman/listinfo/jdev
>
>
More information about the JDev
mailing list