mod_pubsub_serverinfo should check before publishing domains
guusdk opened this issue · comments
mod_pubsub_serverinfo implements XEP-0485: PubSub Server Information. The mod publishes the names of domains with which it federates.
The XEP contains this privacy consideration:
When multiple domains publish their connections to named remote domains, an information leak occurs: by collecting these public statistics, behavioral data of those remote domains can be deduced. To prevent undesired privacy-sensitive information leaks, a domain MUST NOT publish the name of a remote domain, unless that domain advertises support for this XEP (...)
The implementation of mod_pubsub_serverinfo does not perform this check: it always publishes the name of the remote domains.
A modification should be made so that the name attribute of a remote-domain element is added only after support for the XEP has been detected. Support can be detected by performing a disco/info query to the remote domain, and checking for the presence of the feature urn:xmpp:serverinfo:0 (as specified here)
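Added example, not part of the original issue and not mod_pubsub_serverinfo's own code: a Python sketch of the check the issue asks for, where the name attribute is set only when a disco#info result from the queried domain lists urn:xmpp:serverinfo:0. The function names, the sample domains and the constructed disco#info replies are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

DISCO_INFO_NS = "http://jabber.org/protocol/disco#info"
SERVERINFO_FEATURE = "urn:xmpp:serverinfo:0"  # feature named in the issue

def advertises_serverinfo(iq_xml, queried_domain):
    """True only for a disco#info result from queried_domain listing the feature."""
    try:
        iq = ET.fromstring(iq_xml)
    except ET.ParseError:
        return False
    # An error reply, or a reply from a different address than the one
    # queried, never counts as opt-in. (Plain string comparison is a
    # simplification; a real server compares normalized JIDs.)
    if iq.get("type") != "result" or iq.get("from") != queried_domain:
        return False
    query = iq.find(f"{{{DISCO_INFO_NS}}}query")
    if query is None:
        return False
    feats = {f.get("var") for f in query.findall(f"{{{DISCO_INFO_NS}}}feature")}
    return SERVERINFO_FEATURE in feats

def remote_domain_element(domain, disco_reply):
    """Build a remote-domain element; name is added only after support is confirmed."""
    el = ET.Element("remote-domain")
    if disco_reply is not None and advertises_serverinfo(disco_reply, domain):
        el.set("name", domain)
    return el  # without a name the connection is still counted, anonymously

def _reply(kind, sender, features=()):
    # Constructed sample disco#info reply, not captured traffic.
    body = "".join(f"<feature var='{v}'/>" for v in features)
    return (f"<iq type='{kind}' from='{sender}' to='local.example' id='d1'>"
            f"<query xmlns='{DISCO_INFO_NS}'>{body}</query></iq>")

# Constructed inputs: one opted-in domain, one that does not advertise the
# feature, one that answers with an error, one that never answers (None).
REPLIES = {
    "supports.example": _reply("result", "supports.example", [SERVERINFO_FEATURE]),
    "silent.example": _reply("result", "silent.example", ["urn:xmpp:ping"]),
    "error.example": _reply("error", "error.example"),
    "timeout.example": None,
}

def published_names(replies):
    """Map each remote domain to the name that would be published (None = withheld)."""
    return {d: remote_domain_element(d, r).get("name") for d, r in replies.items()}

if __name__ == "__main__":
    for domain, name in published_names(REPLIES).items():
        print(domain, "->", name or "(name withheld)")
```

Defaulting to withholding the name on errors, timeouts and unparsable replies keeps the behaviour within the MUST NOT quoted from the XEP.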