Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Monitoring Service 1.6.0 does not check user has the right to enter the archive

Description

According to XEP-0313 MAM, 1 a MUC archive MUST check that the user requesting the archive has the right to enter it at the time of the query and only allow access if so.

This is currently not the case for password protected rooms. Any user can access the MAM archive without being prompted for a password.

However, section 5.1.2 MUC Archives 1 is respected and working correctly for moderated chat rooms.

Environment

None

Activity

Show:

wroot 
July 10, 2018 at 9:44 AM
(edited)

FYI, 1.6.1 is currently removed from the site as it is unusable.

Guus der Kinderen 
July 10, 2018 at 9:12 AM

Fixes in version 1.6.1 of the monitoring plugin.

Fixed

Details

Assignee

Reporter

Ignite Forum URL

Components

Priority

Created July 2, 2018 at 12:32 PM
Updated October 28, 2020 at 1:26 PM
Resolved July 10, 2018 at 9:12 AM