Monitoring Service 1.6.0 does not check user has the right to enter the archive

Description

According to XEP-0313 MAM, 1 a MUC archive MUST check that the user requesting the archive has the right to enter it at the time of the query and only allow access if so.

This is currently not the case for password protected rooms. Any user can access the MAM archive without being prompted for a password.

However, section 5.1.2 MUC Archives 1 is respected and working correctly for moderated chat rooms.

Environment

None

Activity

Show:
wroot
July 10, 2018, 9:44 AM
Edited

FYI, 1.6.1 is currently removed from the site as it is unusable.

Guus der Kinderen
July 10, 2018, 9:12 AM

Fixes in version 1.6.1 of the monitoring plugin.

Fixed
Your pinned fields
Click on the next to a field label to start pinning.

Assignee

Guus der Kinderen

Reporter

Guus der Kinderen