[Standards] XEP-0124: which error if sid invalid?

Mridul Muralidharan mridul at sun.com
Wed Aug 15 13:41:50 UTC 2007


Hi Stefan,

Stefan Strigler wrote:
> Hi, guess I hit a bug in xep-0124.
> 
> http://www.xmpp.org/extensions/xep-0124.html#errorstatus
> 
> states that 
> 
> "All HTTP codes except 200 have been superseded by Terminal Binding
> Conditions to allow clients to determine whether the source of errors is
> the connection manager application or an HTTP intermediary."
> 
> and
> 
> "If the client did not include a 'ver' attribute in its session creation
> request then the connection manager SHOULD send a deprecated HTTP Error
> Condition instead of this terminal binding condition."
> 
> But in the case that a given sid attribute is unknown or invalid a
> connection manager can not determine if the session has been
> instantiated with a 'ver' attribute for obvious reasons.

Intermediaries wont send a 404, which is what (i recall) the xep asks 
httpbind to send back in case of unknown/invalid sid. So we dont need to 
know the ver in this case (since httpbind assigns sid & not client, this 
is fine).
Hence if we get 404 for initial handshake request, it means httpbind is 
not running on that webserver/ctxroot, if we get 404 for any other 
request, it means session is not longer valid/exists.

So from what I see, this should not be a problem.
Or am I missing something here ?

- Mridul

> 
> Possible fixes that came to my mind:
> 
> * Define this to be a special case and demand to send an HTTP error
> condition. Breaks with concept of separating error conditions at the
> protocol level (you can't tell anymore whether the error is HTTP or BOSH
> related).
> 
> * Make clients send a 'ver' attribute with every request. Consumes more
> bandwidth.
> 
> Cheers, Steve
> 
> 
> 
> 




More information about the Standards mailing list