Each document is identified to the XMPP network by three things:
- The JID contained in the namespaced XML element that specifies the "controller" for this document
- The full URL that the document was loaded from.
- The thread ID assigned to the document by the server.
So how do third parties, such as other clients, interact with documents via XMPP? Well, they have to identify the target document in their stanzas. How do they do this? Using the thread ID. Points to note:
- Either the client or the server has to share the thread ID with the third party in order for this to happen
- Stanzas that arrive from non-controller JIDs are treated differently than controller-originating stanzas:
- They cannot modify the document using directives.
- They trigger different events in the DOM environment.
function processForeignIQ(from, elements, type) {
processIQ(elements, type);
}
function processIQ(elements, type) {
//now we're not just dealing with IQs from the server here!
}
But I digress. The point is that the thread ID is guaranteed to be unique between two JIDs (client and server) as per the RFC - any other behaviour is breaking the spec. However, the thread ID cannot be guaranteed unique across all threads with all servers - i.e. it's possible to have different conversations with two different JIDs, each with thread ID "123".
This means we cannot simply specify the target thread ID on a third-party stanza meant for a document loaded from a different JID. Thread collisions become possible.
At least three options immediately came to mind:
- Ignore this design flaw. A bad idea on principle.
- Break the spec and put the JID in the thread ID. Also a bad idea on principle, and just plain braindead. NO.
- Require inter-document XMPP stanzas to specify the document controller JID. This is annoyingly complicated, and precludes third-party JIDs from broadcasting stanzas to documents who ask for it, regardless of their controller.
- Require the document to initiate communication to third-party JIDs, by sending a message or IQ with the new thread specified. The thread could be the same as the server-client thread, but that's up to the script running on the client.
Grrrr.