This document describes the http://www.jabber.org/protocol/filexfer namespace, which is used for offering and transferring files from one Jabber ID to another. It tries to expand the basic method (iq:oob) that currently exists to allow for numerous stream methods, and more detailed file information before accepting an offer. This document only describes the negotiation method and suggests how streams could link back to the negotiated information.
This document covers one use case of sending a file to another user. Future specifications may enhance this to include searching and offering.
In order to send a file, the sender must first tell the receiver a little bit about the file to make sure they will accept it. At the same time they list the stream methods they support in the order they wish to use them. This is done by sending the information in the http://www.jabber.org/protocol/filexfer namespace.
That is the basic request, a more complete requeset with range support is shown below.
If a receiver decides to accept an offered file they request it from the sending with an <iq/> type result. The receiver sends back the id of the file being sent, the method they wish to use, and the range they wish to download (if the sender announced support). When range support is being used the receiver MUST specify the length and MAY specify a beginning offset with the acceptance.
If the receiver decides to not accept the file they SHOULD send back an error 403 to the sender.
If the receiver does not support any of the offered stream methods they SHOULD send back an error 406 to the sender.
At this point the sender will setup the stream method and begin to transfer data. The stream itself can use the file transfer namespace to tie the metadata to the actual data sent, this is illustrated below using iq:oob.
If the receiver is unable to start the negotiated stream for any reason they should send an <error/> with a 502 code to the sender.
Once the data has been transferred the receiver SHOULD send the sender a notification that the transfer completed. This is done by sending an <iq/> type set with the file id and a completed action.
If the transfer does not complete, for any reason after the metadata negotiation, the party that has the error SHOULD send an error 500 and the file id to the other party.
By staying in just the realm of negotiating the metadata to a file, we allow for multiple transport layers, or streams, to be used. Some streams will need to tie the metadata to the actual data transfer, to help accomodate this the stream may use the <file/> with an action of start and the correct id. The <file/> could be transported in the stream negotiations, or along side it. Although this spec does not mandate any specific methods to new stream authors, it does provide the syntax for the currently existing "iq:oob" system.
For an "iq:oob" transfer to be related to its metadata, a <file/> is transported along side the <query/>. The id used on the <file/> is the id for the metadata of the actual data that is being sent. The action on the <file/> is "start". An example of this can be found in the Basic Usage section.
The <file/> element is the "workhorse" element. This element is used to convey metadata and report file transfer actions. This elemnt contains attributes for file metadata and actions, and MAY contain a <desc/>, a <range/>, and zero or more <feature xmlns='jabber:iq:negotiate'/> (Feature Negotiation (XEP-0020) ) elements.
The "id" attribute specifies the identifier for this particular file transfer. This attribute MUST be present at all times. There are no value requirements other than it MUST be unique between the sender and receiver.
The "action" attribute specifies the action to undertake with the given file. This attribute SHOULD be present in most cases. If not present, the value "offer" is implied. The value of "action" MUST be one of the following:
|complete||The file transfer is complete.|
|get||The file transfer should start.|
|offer||The file transfer is offered (metadata MUST be present)|
|start||The file transfer is starting.|
|error||The file transfer has failed. The outlying error tag has more information.|
The "name" attribute specifies the file name. This attribute MUST be present if the action is "offer", otherwise it SHOULD NOT be present.
The "size" attribute specifies the file size, in bytes. This attribute MUST be present if the action is "offer", otherwise it SHOULD NOT be present.
The "mime-type" attribute specifies the MIME-type for the file. This attribute SHOULD be present if the action is "offer", otherwise it SHOULD NOT be present. The value of this attribute MUST follow the specification for MIME-types from RFC-2046 .
The "date" attribute specifies the file date. This attribute MAY be present if the action is "offer", otherwise it SHOULD NOT be present. The value MUST follow the specification for ISO 8601 date/time formats .
The "hash" attribute specifies the hash of the file contents. This attribute MAY be present if the action is "offer", otherwise it SHOULD NOT be present. The value MUST be an SHA1 hash of the file contents.
The <desc/> element contains a human-readable description of the file. This element has no attributes, and contains character data content.
The <range/> element describes range information for a partial transfer. This element has attributes to define the range length and range offset. This element contains no content.
The "length" attribute defines the range length, in bytes. This attribute MUST be present if the containing <file/> has an action value of "get", otherwise it SHOULD NOT be present. The value of this attribute MUST be an integer value and MUST be less than or equal to the (size + offset) of the file.
The "offset" attribute defines the range offset, in bytes. This attribute MAY be present if the containing <file/> has an action value of "get", otherwise it SHOULD NOT be present. If this attribute is not present, a value of 0 is implied. The value of this attribute MUST be an integer, MUST NOT be less than 0, and MUST be less than (size - length).
There are three main error conditions in file transfer. Following are the conditions, error codes and descriptions:
Data integrity can be checked with the sha1 of the file that is sent. This could be attacked via a man in the middle attack, but much more embarrasing things could result from that than a bad file. The wire integrity is left to the stream method.
The mime-type attribute on <file/> is a valid MIME type as controlled by the IANA.
The "http://jabber.org/protocol/filexfer" is the only namespace that needs to be registered with the JANA.
This document in other formats: XML PDF
This XMPP Extension Protocol is copyright © 1999 – 2018 by the XMPP Standards Foundation (XSF).
Permission is hereby granted, free of charge, to any person obtaining a copy of this specification (the "Specification"), to make use of the Specification without restriction, including without limitation the rights to implement the Specification in a software program, deploy the Specification in a network service, and copy, modify, merge, publish, translate, distribute, sublicense, or sell copies of the Specification, and to permit persons to whom the Specification is furnished to do so, subject to the condition that the foregoing copyright notice and this permission notice shall be included in all copies or substantial portions of the Specification. Unless separate permission is granted, modified works that are redistributed shall not contain misleading information regarding the authors, title, number, or publisher of the Specification, and shall not claim endorsement of the modified works by the authors, any organization or project to which the authors belong, or the XMPP Standards Foundation.
## NOTE WELL: This Specification is provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. ##
In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall the XMPP Standards Foundation or any author of this Specification be liable for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising from, out of, or in connection with the Specification or the implementation, deployment, or other use of the Specification (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if the XMPP Standards Foundation or such author has been advised of the possibility of such damages.
This XMPP Extension Protocol has been contributed in full conformance with the XSF's Intellectual Property Rights Policy (a copy of which can be found at <https://xmpp.org/about/xsf/ipr-policy> or obtained by writing to XMPP Standards Foundation, P.O. Box 787, Parker, CO 80134 USA).
The Extensible Messaging and Presence Protocol (XMPP) is defined in the XMPP Core (RFC 6120) and XMPP IM (RFC 6121) specifications contributed by the XMPP Standards Foundation to the Internet Standards Process, which is managed by the Internet Engineering Task Force in accordance with RFC 2026. Any protocol defined in this document has been developed outside the Internet Standards Process and is to be understood as an extension to XMPP rather than as an evolution, development, or modification of XMPP itself.
The primary venue for discussion of XMPP Extension Protocols is the <firstname.lastname@example.org> discussion list.
Discussion on other xmpp.org discussion lists might also be appropriate; see <http://xmpp.org/about/discuss.shtml> for a complete list.
Errata can be sent to <email@example.com>.
The following requirements keywords as used in this document are to be interpreted as described in RFC 2119: "MUST", "SHALL", "REQUIRED"; "MUST NOT", "SHALL NOT"; "SHOULD", "RECOMMENDED"; "SHOULD NOT", "NOT RECOMMENDED"; "MAY", "OPTIONAL".
Note: Older versions of this specification might be available at http://xmpp.org/extensions/attic/