diff options
authorJonas Wielicki <j.wielicki@sotecware.net>2017-10-19 13:11:13 +0200
committerJonas Wielicki <j.wielicki@sotecware.net>2017-10-19 13:11:13 +0200
commit1544c743bfd4a61e06fd8f9db15893bf8d6dda6e (patch)
parent3fa0dd6eecb0074260de28d6e24ff1c02879a283 (diff)
parent41778634cc41770191002ffa9ec0b1d08d0f183a (diff)
Merge branch 'feature/xhtml-im-security-considerations' of https://github.com/horazont/xeps into feature/xep-0071
1 files changed, 8 insertions, 1 deletions
diff --git a/xep-0071.xml b/xep-0071.xml
index cc6c0ff..ebfe2ce 100644
--- a/xep-0071.xml
+++ b/xep-0071.xml
@@ -37,6 +37,12 @@
+ <version>1.5.2</version>
+ <date>2017-10-12</date>
+ <initials>jwi</initials>
+ <remark><p>Clarify security considerations.</p></remark>
+ </revision>
+ <revision>
<initials>XEP Editor (mam)</initials>
@@ -838,7 +844,8 @@ That seems fine to me.
<section1 topic='Security Considerations' anchor='security'>
<section2 topic='Malicious Objects' anchor='security-code'>
- <p>The exclusion of scripts, applets, binary objects, and other potentially executable code from XHTML-IM reduces the risk of exposure to harmful or malicious objects caused by inclusion of XHTML content. To further reduce the risk of such exposure, an implementation MAY choose to:</p>
+ <p>While scripts, applets, binary objects and other potentially executable code is excluded from the profiles used in XHTML-IM, malicious entities still may inject those and thus exploit entities which rely on this exclusion. Entities thus MUST assume that inbound XHTML-IM may be mailicious and MUST sanitize it according to the profile used, by ignoring elements and removing attributes as needed.</p>
+ <p>To further reduce the risk of such exposure, an implementation MAY choose to:</p>
<li>Not make hyperlinks clickable</li>
<li>Not fetch or present images but instead show only the 'alt' text.</li>