[Standards] OBSOLETED: XEP-0071 (XHTML-IM)
jonas at wielicki.name
Wed Mar 7 18:18:46 UTC 2018
Due to popular request, I’m going to re-post the reply I gave earlier on
The core reason is that it caused quite a few XSS vulnerabilities. There are
lengthy threads on the standars mailing list:
* starting with Security issues with XHTML-IM (again) 
* some discussion on replacement in Rich(er) text in IM vs XHTML docs 
* collection of replacement requirements in Formatting Use Cases 
And much more. I recommend you to browse the archives if you really want to
get the whole picture. The XMPP standards community has discussed this at
length and the final ruling of the council is in the respective meeting
minutes: Council Minutes 2018-02-14  and MUC logs of the meeting .
As for an replacement, it depends on your use-case. There’s [XEP-0393]
(Message Styling) which should cover many IM use-cases. I started to work on
[XEP-0394] (Message Markup) which intends to do a bit more, with a more
flexible approach. Note that I intend to overhaul XEP-0394 and I don’t know of
any implementations. XEP-0393 is implemented in a few clients already (I know
of Conversations and yaxim).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: This is a digitally signed message part.
More information about the Standards