[drupal-devel] [feature] Revive Jabber

chx drupal-devel at drupal.org
Thu Sep 8 23:12:40 UTC 2005 

Issue status update for 
http://drupal.org/node/30727
Post a follow up: 
http://drupal.org/project/comments/add/30727

 Project:      Drupal
 Version:      cvs
 Component:    user system
 Category:     feature requests
 Priority:     critical
 Assigned to:  chx
 Reported by:  chx
 Updated by:   chx
-Status:       patch (code needs review)
+Status:       patch (code needs work)

Alas, the module is wrong -- i have only tested with correct password
but let's me in to Drupal with incorrect. Would need TLS but seems not
to work with that.




chx



Previous comments:
------------------------------------------------------------------------

Thu, 08 Sep 2005 22:29:05 +0000 : chx

Attachment: http://drupal.org/files/issues/jabber.txt (4.59 KB)

Google (Talk) uses Jabber and that alone is enough reason to dust off
Jabber and put it back into core. If you are looking for a maintainer,
my hand is up.


The only significant code change is that I removed the global $jabber;
because I have not liked that.


I included an exception for gmail.com. If you do not like it, then do
not commit the module as there is almost no point.




------------------------------------------------------------------------

Thu, 08 Sep 2005 22:54:02 +0000 : chx

Attachment: http://drupal.org/files/issues/jabber_0.txt (4.62 KB)

drumm says that I left in b and i tags. That's Bad. Also he asked why I
have not changed $server for gmail. One, the port would need a change,
so this is shorter, two (as he noted later) the variable is reused.




------------------------------------------------------------------------

Thu, 08 Sep 2005 23:00:00 +0000 : walkah

i'm actually gearing up to commit a jabber.module that re-instates the
dist-auth component... as well as some other features (like status,
send message, etc) ... any reason why this needs to be in core?




------------------------------------------------------------------------

Thu, 08 Sep 2005 23:01:49 +0000 : chx

Yes. Anyone with a gmail account has a drupal account.




------------------------------------------------------------------------

Thu, 08 Sep 2005 23:10:08 +0000 : walkah

to reiterate from IRC:


to do this just for gmail is bad because:
*  talk.google.com requires TLS (which you haven't implemented)
*  special casing is ugly that's what DNS SRV  is for
* drupal dist-auth isn't all that secure anyway (as previously
noted)... inviting gmail users to divulge their password in all drupal
sites is... well... not a good idea imo.


a big -1 from me, sorry :(

More information about the drupal-devel mailing list