Occasionally, a Multi-User Chat (XEP-0045) [1] moderator might wish to moderate certain groupchat messages by, for example, retracting them from the groupchat history as part of an effort to address and remedy issues such as message spam, indecent language for the venue or exposing private third-party personal information. Alternatively, a moderator might want to correct a message on another user's behalf, or flag a message as inappropriate without requiring that it be retracted.
Due to the federated nature of XMPP and as with any content moderation tool, the moderation request can only be considered as a hint and clients which don't support message moderation are not obligated to enforce any such request.
If a client or service implements message moderation, it MUST specify the 'urn:xmpp:message-moderate:0' feature in its service discovery information features as specified in Service Discovery (XEP-0030) [2] and the Entity Capabilities profile specified in Entity Capabilities (XEP-0115) [3].
<iq type='get'
from='romeo@montague.example/orchard'
to='room@muc.example.com'
id='info1'>
<query xmlns='http://jabber.org/protocol/disco#info'/>
</iq>
<iq type='result'
to='romeo@montague.example/home'
from='room@muc.example.com'
id='info1'>
<query xmlns='http://jabber.org/protocol/disco#info'>
...
<feature var='urn:xmpp:message-moderate:0'/>
...
</query>
</iq>Consider a situation where a user sends a message that may be deemed inappropriate by a groupchat moderator. The groupchat service will append a Unique and Stable Stanza IDs (XEP-0359) [4] stanza ID to the message before relaying it to all participants.
<message type="groupchat" from="room@muc.example.com/oldhag" to='room@muc.example.com/macbeth' id='inappropriate-1'> <body>DM me for free magic potions!</body> <stanza-id xmlns='urn:xmpp:sid:0' id='stanza-id-1' by='room@muc.example.com'/> </message>
The moderator sees the message and indicates to their client that the message should be retracted. The client then sends an IQ stanza to the MUC service, requesting that the message be retracted.
<iq type='set' to='room@muc.example.com' id='retract-request-1'>
<apply-to id="stanza-id-1" xmlns="urn:xmpp:fasten:0">
<moderate xmlns='urn:xmpp:message-moderate:0'>
<retract xmlns='urn:xmpp:message-retract:0'/>
<reason>This message contains inappropriate content for this forum</reason>
</moderate>
</apply-to>
</iq>If the moderator is allowed to moderate the message, the groupchat service will send a message stanza to all participants (including the moderator), indicating that the message has been retracted and by whom.
This message will use Message Fastening (XEP-0422) [5] to indicate that it applies to the moderated message, by referring to its XEP-0359 Stanza ID.
<message type="groupchat" id='retraction-id-1' from='room@muc.example.com' to="room@muc.example.com/macbeth">
<apply-to id="stanza-id-1" xmlns="urn:xmpp:fasten:0">
<moderated by='room@muc.example.com/macbeth' xmlns='urn:xmpp:message-moderate:0'>
<retract xmlns='urn:xmpp:message-retract:0' />
<reason>This message contains inappropriate content for this forum</reason>
</moderated>
</apply-to>
</message>The groupchat service also responds with an IQ "result" stanza.
<iq type='result' to='juliet@montague.example/home' id='retract-request-1'></iq>
In case the message could for some reason not be retracted, the grouchat service responds with an IQ stanza of type error.
<iq type='error' to='room@muc.example.com/macbeth' id='retract-request-1'>
<error type='modify'>
<forbidden xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>
Only moderators are allowed to moderate other participants' messages
</text>
</error>
</iq>A Message Archive Management (XEP-0313) [6] service MAY replace the contents of a message, that was retracted due to moderation, with a 'tombstone' similar to the one described in Message Retraction (XEP-0424) [7].
The archiving service replaces the message contents (i.e. the <body/> and any related elements which might leak information about the original message) with a <moderated/> element which in turn contains a <retracted/> element. The <moderated/> element MUST have a 'by' attribute specifying the JID of the moderating entity.
If the message was sent in a semi-anonymous MUC, the occupant id from Anonymous unique occupant identifiers for MUCs (XEP-0421) [8] SHOULD be included for the moderator and the message author in the <moderated/> and <retracted/> elements respectively.
<message id='aeb213' to='room@muc.example.com/macbeth'>
<result xmlns='urn:xmpp:mam:2' queryid='f28' id='stanza-id-1'>
<forwarded xmlns='urn:xmpp:forward:0'>
<delay xmlns='urn:xmpp:delay' stamp='2019-09-20T23:18:41Z'/>
<message type="groupchat" from="room@muc.example.com/oldhag" to="room@muc.example.com/macbeth" id="message-id-1">
<occupant-id xmlns="urn:xmpp:occupant-id:0" id="ef73b09de9c90a38ba552f7c68cbeef1dca24429" />
<moderated by="witch@shakespeare.example">
<occupant-id xmlns="urn:xmpp:occupant-id:0" id="dd72603deec90a38ba552f7c68cbcc61bca202cd" />
<retracted stamp='2019-09-20T23:19:12Z' xmlns='urn:xmpp:message-retract:0'/>
<reason>This message contains inappropriate content for this forum</reason>
</moderated>
</message>
</forwarded>
</result>
</message>A moderator MUST NOT send a moderation request for a message with non-messaging payloads. For example, a moderator MUST NOT moderate a roster item exchange request or a file transfer part.
In MUCs, only moderation messages (not tombstones, but messages containing the <moderate/> element) received from the MUC service itself are legitimate, all other such messages MUST be discarded.
If message moderation includes a retraction request, the MUC or other service that supports message retraction SHOULD prevent further distribution of the retracted message by the service and the archiving service MAY replace the retracted message with a tombstone as detailed in Message Retraction (XEP-0424) [7].
There can never be a guarantee that a moderated message will appear as such in all clients. Clients should therefore, when possible, inform users that no such guarantee exists.
To prevent message spoofing, it's very important to check that the moderation message comes from the MUC service (as explained in the Business Rules section).
None.
The XMPP Registrar [9] includes 'urn:xmpp:message-moderate:0' in its registry of protocol namespaces (see <https://xmpp.org/registrar/namespaces.html>).
If the protocol defined in this specification undergoes a revision that is not fully backwards-compatible with an older version, the XMPP Registrar shall increment the protocol version number found at the end of the XML namespaces defined herein, as described in Section 4 of XEP-0053.
<?xml version='1.0' encoding='UTF-8'?>
<xs:schema
xmlns:xs='http://www.w3.org/2001/XMLSchema'
targetNamespace='urn:xmpp:message-moderate:0'
xmlns='urn:xmpp:message-moderate:0'
elementFormDefault='qualified'>
<xs:element name='moderate'></xs:element>
<xs:element name='moderated'>
<xs:complexType>
<xs:simpleContent>
<xs:extension base='xs:string'>
<xs:attribute name='by' type='xs:string' use='required'/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:schema>
This document in other formats: XML PDF
This XMPP Extension Protocol is copyright © 1999 – 2020 by the XMPP Standards Foundation (XSF).
Permission is hereby granted, free of charge, to any person obtaining a copy of this specification (the "Specification"), to make use of the Specification without restriction, including without limitation the rights to implement the Specification in a software program, deploy the Specification in a network service, and copy, modify, merge, publish, translate, distribute, sublicense, or sell copies of the Specification, and to permit persons to whom the Specification is furnished to do so, subject to the condition that the foregoing copyright notice and this permission notice shall be included in all copies or substantial portions of the Specification. Unless separate permission is granted, modified works that are redistributed shall not contain misleading information regarding the authors, title, number, or publisher of the Specification, and shall not claim endorsement of the modified works by the authors, any organization or project to which the authors belong, or the XMPP Standards Foundation.
## NOTE WELL: This Specification is provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. ##
In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall the XMPP Standards Foundation or any author of this Specification be liable for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising from, out of, or in connection with the Specification or the implementation, deployment, or other use of the Specification (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if the XMPP Standards Foundation or such author has been advised of the possibility of such damages.
This XMPP Extension Protocol has been contributed in full conformance with the XSF's Intellectual Property Rights Policy (a copy of which can be found at <https://xmpp.org/about/xsf/ipr-policy> or obtained by writing to XMPP Standards Foundation, P.O. Box 787, Parker, CO 80134 USA).
The HTML representation (you are looking at) is maintained by the XSF. It is based on the YAML CSS Framework, which is licensed under the terms of the CC-BY-SA 2.0 license.
The Extensible Messaging and Presence Protocol (XMPP) is defined in the XMPP Core (RFC 6120) and XMPP IM (RFC 6121) specifications contributed by the XMPP Standards Foundation to the Internet Standards Process, which is managed by the Internet Engineering Task Force in accordance with RFC 2026. Any protocol defined in this document has been developed outside the Internet Standards Process and is to be understood as an extension to XMPP rather than as an evolution, development, or modification of XMPP itself.
The primary venue for discussion of XMPP Extension Protocols is the <standards@xmpp.org> discussion list.
Discussion on other xmpp.org discussion lists might also be appropriate; see <http://xmpp.org/about/discuss.shtml> for a complete list.
Errata can be sent to <editor@xmpp.org>.
The following requirements keywords as used in this document are to be interpreted as described in RFC 2119: "MUST", "SHALL", "REQUIRED"; "MUST NOT", "SHALL NOT"; "SHOULD", "RECOMMENDED"; "SHOULD NOT", "NOT RECOMMENDED"; "MAY", "OPTIONAL".
1. XEP-0045: Multi-User Chat <https://xmpp.org/extensions/xep-0045.html>.
2. XEP-0030: Service Discovery <https://xmpp.org/extensions/xep-0030.html>.
3. XEP-0115: Entity Capabilities <https://xmpp.org/extensions/xep-0115.html>.
4. XEP-0359: Unique and Stable Stanza IDs <https://xmpp.org/extensions/xep-0359.html>.
5. XEP-0422: Message Fastening <https://xmpp.org/extensions/xep-0422.html>.
6. XEP-0313: Message Archive Management <https://xmpp.org/extensions/xep-0313.html>.
7. XEP-0424: Message Retraction <https://xmpp.org/extensions/xep-0424.html>.
8. XEP-0421: Anonymous unique occupant identifiers for MUCs <https://xmpp.org/extensions/xep-0421.html>.
9. The XMPP Registrar maintains a list of reserved protocol namespaces as well as registries of parameters used in the context of XMPP extension protocols approved by the XMPP Standards Foundation. For further information, see <https://xmpp.org/registrar/>.
Note: Older versions of this specification might be available at http://xmpp.org/extensions/attic/
First draft
END