vanitasvitae/Smack
1
0
Fork 0
mirror of https://github.com/vanitasvitae/Smack.git synced 2024-06-24 12:24:51 +02:00
Code Issues Releases Wiki Activity
Smack/core/src
History
Lars Noschinski 9ac882241a Process only requested roster results (SMACK-538) 
Prior to this change, Smack processes each RosterPacket (which is not of
type IQ.Type.RESULT) as a roster result.

Any other client on the XMPP network can send such a packet (not only
our server). This allows a malicious party to overwrite our Roster.

This patch changes smack so that a RosterPacket is discarded if it is
not a reply to a roster request.
2014-03-07 16:13:19 +01:00
..
integration-test Substitute MXParser with a call to XmlPullParserFactory 2014-02-20 13:48:36 +01:00
main Process only requested roster results (SMACK-538) 2014-03-07 16:13:19 +01:00
test Add and use IQReplyFilter (SMACK-533) 2014-03-07 16:13:07 +01:00