XEP-xxxx: Data Forms File Input Element

Abstract: This specification defines an element which can be used with data forms to let users upload one or more files.
Author: Jérôme Poisson
Copyright: © 2025 – 2025 XMPP Standards Foundation. SEE LEGAL NOTICES.
Status: ProtoXEP
WARNING: This document has not yet been accepted for consideration or approved in any official manner by the XMPP Standards Foundation, and this document is not yet an XMPP Extension Protocol (XEP). If this document is accepted as a XEP by the XMPP Council, it will be published at <https://xmpp.org/extensions/> and announced on the <standards@xmpp.org> mailing list.
Type: Standards Track
Version: 0.0.1 (2025-06-15)

Document Lifecycle

Experimental
Proposed
Stable
Final

1. Introduction¶

When using Data Forms (XEP-0004) [1], it can sometimes be useful to let the user upload one or several files. For instance, a ticket system based on Form Discovery and Publishing (XEP-0346) [2] may need such a feature. This documentation specifies a "file-input" element which can be used for this.

This specification differs from Data Forms Media Element (XEP-0221) [3]: XEP-0221 is used to display a media in a form (e.g., for a CAPTCHA), while this specification is a way to upload and share files, for instance to attach them to a ticket system.

2. Requirements¶

3. File Input Element¶

The root element for file is <file-input/>. This element MUST be qualified by the "urn:xmpp:file-input:0" namespace. The <file-input/> element MUST be contained within a <field/> element qualified by the 'jabber:x:data' namespace. The <file/> element MAY have the "multiple" attribute, which is a boolean indicating whether multiple files are allowed, and defaulting to "false" [6]

Hints can be given to indicate which kind of files are accepted, and where they must be uploaded. Two elements are used as direct children of the <file-input/> element: <accept/> and <use/>:

When submitting the form, the <file-input/> element MAY (and MUST if <required/> is used in the <field/> element) contain one or more <file/> element qualified by the "urn:xmpp:file:metadata:0" namespace as specified by File metadata element (XEP-0446) [8]. The already uploaded files SHOULD also be indicated when the form is sent from service to end-user but the service MAY hide already uploaded files if it makes sense for it.

3.1 examples¶

In the following example, a form expects a photo to be uploaded. A single file is accepted, and must be an image type.

Example 1. Inclusion in Data Form¶

    <x xmlns='jabber:x:data' type='form'>
      <!-- … -->
      <field var='photo'>
        <required/>
        <file-input xmlns='urn:xmpp:file-input:0' multiple='false'>
          <accept>image/*</accept>
        </file-input>
      </field>
      <!-- … -->
    </x>

In the following example, a form allows multiple file uploads of PDF and LibreOffice text files. The <use/> element specifies the upload service, and two files are already uploaded.

Example 2. Form With Already Uploaded Files¶

<x xmlns='jabber:x:data' type='form'>
  <!-- … -->
  <field var='documents'>
    <file-input xmlns='urn:xmpp:file-input:0' multiple='true'>
      <accept>application/pdf</accept>
      <accept>application/vnd.oasis.opendocument.text</accept>
      <use>upload.example.org</use>
      <file xmlns='urn:xmpp:file:metadata:0'>
        <name>balcony_architecture.pdf</name>
        <media-type>application/pdf</media-type>
        <size>123456</size>
        <date>2025-06-15T10:00:00Z</date>
        <hash xmlns='urn:xmpp:hashes:2' algo='sha-256'>aabbccddeeff…</hash>
      </file>
      <file xmlns='urn:xmpp:file:metadata:0'>
        <name>serenade.odt</name>
        <media-type>application/vnd.oasis.opendocument.text</media-type>
        <size>789012</size>
        <date>2025-06-15T10:05:00Z</date>
        <hash xmlns='urn:xmpp:hashes:2' algo='sha-256'>112233445566…</hash>
      </file>
    </file-input>
  </field>
  <!-- … -->
</x>

4. Implementation Notes¶

As it is usual with data forms, the hints can't be enforced. The entity consulting the submitted form SHOULD check the file types, the number of files, the file location, and any other relevant data to see if they match the expected values.

If a single file is expected to be uploaded (with attribute "multiple" set to "false"), a file has already been uploaded in the form, and a user submits a new file, the service MAY automatically delete the old file to replace it with the new one. This should be clearly indicated to end-users, e.g., via a form note, or via service documentation.

5. Security Considerations¶

When using a suggested JID to send a file (with the <use/> element), the client IP may be exposed. Clients SHOULD mitigate that with appropriate measures (like warning the user, ignoring the </use> element, using a proxy, etc).

6. IANA Considerations¶

7. XMPP Registrar Considerations¶

8. XML Schema¶

Appendices

Appendix A: Document Information¶

Appendix B: Author Information¶

Jérôme Poisson

Appendix C: Legal Notices¶

Copyright

Permissions

Permission is hereby granted, free of charge, to any person obtaining a copy of this specification (the "Specification"), to make use of the Specification without restriction, including without limitation the rights to implement the Specification in a software program, deploy the Specification in a network service, and copy, modify, merge, publish, translate, distribute, sublicense, or sell copies of the Specification, and to permit persons to whom the Specification is furnished to do so, subject to the condition that the foregoing copyright notice and this permission notice shall be included in all copies or substantial portions of the Specification. Unless separate permission is granted, modified works that are redistributed shall not contain misleading information regarding the authors, title, number, or publisher of the Specification, and shall not claim endorsement of the modified works by the authors, any organization or project to which the authors belong, or the XMPP Standards Foundation.

Disclaimer of Warranty

## NOTE WELL: This Specification is provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. ##

Limitation of Liability

In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall the XMPP Standards Foundation or any author of this Specification be liable for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising from, out of, or in connection with the Specification or the implementation, deployment, or other use of the Specification (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if the XMPP Standards Foundation or such author has been advised of the possibility of such damages.

IPR Conformance

This XMPP Extension Protocol has been contributed in full conformance with the XSF's Intellectual Property Rights Policy (a copy of which can be found at <https://xmpp.org/about/xsf/ipr-policy> or obtained by writing to XMPP Standards Foundation, P.O. Box 787, Parker, CO 80134 USA).

Visual Presentation

The HTML representation (you are looking at) is maintained by the XSF. It is based on the YAML CSS Framework, which is licensed under the terms of the CC-BY-SA 2.0 license.

Appendix D: Relation to XMPP¶

The Extensible Messaging and Presence Protocol (XMPP) is defined in the XMPP Core (RFC 6120) and XMPP IM (RFC 6121) specifications contributed by the XMPP Standards Foundation to the Internet Standards Process, which is managed by the Internet Engineering Task Force in accordance with RFC 2026. Any protocol defined in this document has been developed outside the Internet Standards Process and is to be understood as an extension to XMPP rather than as an evolution, development, or modification of XMPP itself.

Appendix E: Discussion Venue¶

The primary venue for discussion of XMPP Extension Protocols is the <standards@xmpp.org> discussion list.

Discussion on other xmpp.org discussion lists might also be appropriate; see <https://xmpp.org/community/> for a complete list.

Appendix F: Requirements Conformance¶

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

Appendix G: Notes¶

1. XEP-0004: Data Forms <https://xmpp.org/extensions/xep-0004.html>.

2. XEP-0346: Form Discovery and Publishing <https://xmpp.org/extensions/xep-0346.html>.

3. XEP-0221: Data Forms Media Element <https://xmpp.org/extensions/xep-0221.html>.

4. XEP-0234: Jingle File Transfer <https://xmpp.org/extensions/xep-0234.html>.

5. XEP-0363: HTTP File Upload <https://xmpp.org/extensions/xep-0363.html>.

6. In accordance with Section 3.2.2.1 of XML Schema Part 2: Datatypes, the allowable lexical representations for the xs:boolean datatype are the strings "0" and "false" for the concept 'false' and the strings "1" and "true" for the concept 'true'; implementations MUST support both styles of lexical representation.

7. XEP-0030: Service Discovery <https://xmpp.org/extensions/xep-0030.html>.

8. XEP-0446: File metadata element <https://xmpp.org/extensions/xep-0446.html>.

9. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols, such as port numbers and URI schemes. For further information, see <http://www.iana.org/>.