[jdev] XML Namespaces validation
binary at jrudevels.org
Thu Apr 14 20:34:57 UTC 2011
On 04/15/2011 03:01 AM, Stephan Maka wrote:
> Sergey Dobrov wrote:
>>> Reconnecting after closing with a error seems sane.
> For the receiver this is quite an error. IM users are very annoyed by
> clients signing off & on due to some script kiddy toying at the XML
> My point is: either filter at the server side to disconnect the bad
> sender, or take care of the clients to handle this more gracefully.
>> Ok. That's not a twisted's error and I'm should to post the bug to
>> ejabberd, right? :)
> This has been known for quite some time:
> I remember someone saying that not all servers are going to implement
> such checks as it could hurt performance.
Thanks for the link. I see that bug is with low priority and I
understand that this check will be high cost performance. But I have no
idea how to prevent possible DoS attack to my services. Sure I can just
reconnect and don't reinit transport so users will not see reconnect but
this is dangerous too and some stanzas will be lost while reconnection.
So I see the only way to ignore such bad stanzas at all...
Any ideas or suggestions?
> JDev mailing list
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
With best regards,
XMPP Developer and JRuDevels.org founder.
More information about the JDev