i am a newbie for xmpp. i plan to start a 'chat' web application.at client,i prepare use 'Strophe',but i found strophe cannot support registeration module.
someone said can use 'XEP-0077: In-Band Registration'.can u tell me what i can do it?
thanks
XEP-0077 is the way to go here. Make sure you've read it thoroughly. Next, look at the strophejs-plugins project to get some examples of how to write a strophe plugin. Then, you'll want to create protocol that imlements XEP-0077, starting with something like:
Strophe.addConnectionPlugin('register', {
_connection: null,
init: function(conn) {
this._connection = conn;
Strophe.addNamespace('REGISTER', 'jabber:iq:register');
},
get: function(callback) {
var stanza = $iq({type: "get"}).c("query",
{xmlns: Strophe.NS.REGISTER});
return this._connection.sendIQ(stanza.tree(), callback, function(){});
}
});
Make sure to contribute your patch to strophejs-plugins back on github.
Related
I was wondering if it was possible to use DOMPurify to sanitize user input on a form before it is saved to database. Here's what I've got in my routes.js folder for my form post:
.post('/questionForm', (req, res, next) =>{
console.log(req.body);
/*console.log(req.headers);*/
const questions = new QuestionForm({
_id: mongoose.Types.ObjectId(),
price: req.body.price,
seats: req.body.seats,
body_style: req.body.body_style,
personality: req.body.personality,
activity: req.body.activity,
driving: req.body.driving,
priority: req.body.priority
});
var qClean = DOMPurify.sanitize(questions);
//res.redirect(200, path)({
// res: "Message recieved. Check for a response later."
//});
qClean.save()
.then(result => {
//res.redirect(200, '/path')({
// //res: "Message recieved. Check for a response later."
//});
res.status(200).json({
docs:[questions]
});
})
.catch(err => {
console.log(err);
});
});
I also imported the package at the top of the page with
import DOMPurify from 'dompurify';
When I run the server and submit a post request, it throws a 500 error and claims that dompurify.sanitize is not a function. Am I using it in the wrong place, and/or is it even correct to use it in the back end at all?
This might be a bit late, but for others like me happening to run into this use case I found an npm package that seems well suited so far. It's called isomorphic-dompurify.
isomorphic-dompurify
DOMPurify needs a DOM to interact with; usually supplied by the browser. Isomorphic-dompurify feeds DOMPurify another package, "jsdom", as a dependency that acts like a supplementary virtual DOM so DOMPurify knows how to sanitize your input server-side.
In the packages' own words "DOMPurify needs a DOM tree to base on, which is not available in Node by default. To work on the server side, we need a fake DOM to be created and supplied to DOMPurify. It means that DOMPurify initialization logic on server is not the same as on client".
Building on #Seth Lyness's excellent answer --
If you'd rather not add another dependency, you can just use this code before you require DOMPurify. Basically what isometric-dompurify is doing is just creating a jsdom object and putting it in global.window.
const jsdom = require('jsdom');
const {JSDOM} = jsdom;
const {window} = new JSDOM('<!DOCTYPE html>');
global.window = window;
I'm quite the noob using Ionic or Angular for that matter. So as a cheat sheet I'm using the ionic-super-starter template (link below).
I am trying to make a get request to my API and it works just find if I'm doing it like this:
this.api.get('user/'+this.user.userId+'/entries?include=stuff&access_token=TOKEN');
but when I put the url params into an object it stops working:
let options = {
'include':'stuff',
'access_token':'TOKEN'
}
this.api.get('user/'+this.user.userId+'/entries', options);
The only error I get is "Unauthorized Request" since the options object including the access token was not appended to the url.
In the ionic-super-starter template the providers/api/api.ts calls .set() for each key in my params object:
if (params) {
reqOpts.params = new HttpParams();
for (let k in params) {
reqOpts.params.set(k, params[k]);
}
}
but according to Angular University this is not possible since "HTTPParams is immutable".
If it really was wrong to do this, I don't believe it would be in the ionic template. Nor would I believe that I would be the first person to come across this issue.
However, I am stuck here so any help would be appreciated.
Link to Angular University:
https://blog.angular-university.io/angular-http/#httprequestparameters
Link to ionic-super-starter:
https://github.com/ionic-team/starters/tree/master/ionic-angular/official/super
I think I figured it out myself:
if I write (in my src/providers/api/api.ts)
reqOpts.params = reqOpts.params.append(k, params[k]);
instead of
reqOpts.params.set(k, params[k]);
it works.
if you are using a loopback API as I am you might have nested objects like:
let options = {
"filter": {
"order": "date DESC"
},
"access_token":this.user._accessToken
};
this won’t work. try instead:
let options = {
"filter": '{"order":"date DESC"}',
"access_token":this.user._accessToken
};
Good morning, I need to make attended transfers with SIP.js. Anyone succeded in this task?
I can only make blind transfers right now, i found an article that reports that in version 0.7.x there is support for attended transfer trough replace command.
https://www.onsip.com/blog/sipjs-070-adds-fixes-and-support-for-attended-transfer-recommended-upgrade
Maybe too late, but I write answer for future. I made it in this steps:
saved current session in other variable, for example var holded_session = session;
call in current session hold, session.hold()
make new call ua.invite()
make transfer session.refer(holded_session)
Functions hold() and unhold() are not documented in documentation, but when you output session into console, you will see its in there.
I solved this for audio this manner
sessionOne.hold();//already exists previously
var uri = phone + '#' + sip_server;
var options = {
media: {
constraints: {
audio: true,
video: false
},
render: {
remote: document.getElementById('audio-output')
},
stream: mediaStream
},
extraHeaders: [...],
inviteWithoutSdp: true,
rel100: SIP.C.supported.SUPPORTED,
activeAfterTransfer: false //die when the transfer is completed
};
sessionTwo = userAgent.invite(uri, options);
//if yo want handle the transfer at the application level, then implements the handler events as on('refer', function(request) {}) for the session object
...
sessionOne.refer(sessionTwo);//session two already must is accepted (sip server)
I'm trying to learn a little bite of Meteor. This is my event on the client side:
Template.todos_list.events({
'click .todo-done': function () {
console.log(this);
Meteor.call('updateToDo', this._id, !this.completed);
},
'click .single-delete': function () {
Meteor.call('singleDelete');
//Todos.remove(this._id); **<-- this works when insecure is activated**
console.log('clicked the ' + this._id)
}
});
Server Side:
Meteor.methods({
addTodo: function (title) {
Todos.insert({
title: title,
completed: false
})
},
singleDelete: function() {
Todos.remove({_id: this._id});
}
});
I also tried just to use Todos.remove(this._id) at the server side but it doesn't work, either. It somehow only works on the client side.
What am I missing?
Thanks to all of you,
Amir
I think yo have to pass the _id of your object to your singleDelete function.
Changes on client Side:
Meteor.call('singleDelete', this._id);
and the changes on server Side:
singleDelete: function(todoId) {
Todos.remove({_id: todoId});
}
// Edit: I've added a short link to the Javascript this behavior:
https://www.discovermeteor.com/blog/javascript-for-meteor search for 'This'
Basically, the this keyword lets you access the object on which you’re currently working: just like a chameleon, this keeps changing based on its surroundings.
// Edit2: Another great reference: http://bonsaiden.github.io/JavaScript-Garden/#function.this
How this Works
JavaScript has a different concept of what the special name this refers to than most other programming languages. There are exactly five different ways in which the value of this can be bound in the language.
When I try to create a room in Multi User Chat (MUC) the server responds 'This room is locked from entry until configuration is confirmed'. How can I overcome this?
Thanks in advance
You need to send a configuration form for the room. If you are using smack the code would look something like this:
Form submitForm = multiUserChat.getConfigurationForm().createAnswerForm();
submitForm.setAnswer("muc#roomconfig_publicroom", false);
submitForm.setAnswer("muc#roomconfig_roomname", room);
multiUserChat.sendConfigurationForm(submitForm);
I was having this problem using Candy Chat 1.7.1 with Openfire 3.9.3.
This took me a while to work out, but after reading through the Multi-User Chat spec:
http://xmpp.org/extensions/xep-0045.html#createroom
I eventually solved it; first with Strophe, then from that found the Candy way.
So to answer your question:
In Strophe
After creating the room by sending the presence (Example 153 in spec)
I sent the below (as per Example 155 in spec)
conn.sendIQ($iq({
type: "set",
to: escapedRoomId,
from: me.getEscapedJid(),
id: "create:" + conn.getUniqueId()
}).c("query", {
xmlns: "http://jabber.org/protocol/muc#owner"
}).c("x", {
xmlns: "jabber:x:data",
type: "submit"
}));
where conn is the Strophe.Connection
Then to help others who may have the same problem in Candy Chat:
In Candy Chat
After searching for bits of the Strophe message above in the candy libs bundle I found this:
createInstantRoom: function(room, success_cb, error_cb) {
var roomiq;
roomiq = $iq({
to: room,
type: "set"
}).c("query", {
xmlns: Strophe.NS.MUC_OWNER
}).c("x", {
xmlns: "jabber:x:data",
type: "submit"
});
return this._connection.sendIQ(roomiq.tree(), success_cb, error_cb);
},
So then this solves it in Candy Chat.
$(Candy).on('candy:view.room.after-add', function(evt, args) {
Candy.Core.getConnection().muc.createInstantRoom(Candy.Util.escapeJid(args.roomJid));
});
Irritatingly simple when you know how. Incidentally I think the method should be called configureAsInstantRoom and Candy chat should have an option for this on the init method or similar.