Closed sjehuda closed 8 months ago
sjehuda
commented
1 year ago @Echolon What do you think of this?
Suppose we are visiting speed-dreams.net, and they have their XMPP groupchat.
They choose to use an easy-xmpp-invitation instance, which is not under their control (someone else owns that instance).
Instead of having a default appearance, they choose their background, icon (avatar) and colors.
ge0rg
commented
8 months ago It was a deliberate decision not to allow any of that. Yes, it would work with a backend XMPP connection, but if it is passed as arguments, it will allow impersonation / tricking of users, and I do not want to make that possible.
The only place where it's really a significant step forward in usability is when inviting people to a private chatroom with a generated JID, where you can't see who invited you, nor where.
I don't want to have a spoofable solution, and there is no way to prevent spoofing without a "smart" server that can look up the relevant data in its backend. And the backend-based solution already exists in https://modules.prosody.im/mod_invites_page
sjehuda
commented
8 months ago That could be a very nice feature, but, I agree with you on that.
In fact, that would also allow even a simpler abuse by placing unwanted or underrated graphics.
So it is better not to have this, not for background nor avatar, unless the server is able to connect with the groupchat and pull the avatar from there.
Related to #33
We don't necessarily need to use server side for the following feature.
I guess I'd want to have Description, Topic, and also an icon which we can use with
?jid=speed-dreams-dev@chat.jabberfr.org&type=muc&name=Speed Dreams room for developpers&topic=https://www.speed-dreams.net - http://www.speed-dreams.fr Speed Dreams Release 2.2.3 out&icon=https://a.fsdn.com/allura/p/speed-dreams/iconAnything else requires us to be connected to XMPP, either client side or server side with an XMPP for Javascript.
EDIT:
&jidand&typemight not be needed.