Jingle (XEP-0166)  defines a framework for negotiating and managing out-of-band data sessions over XMPP. In order to provide a flexible framework, the base Jingle specification defines neither data transport methods nor application formats, leaving that up to separate specifications.
The current document defines two transport methods for establishing and managing data exchanges between XMPP entities using the Hyper Text Transfer Protocol (HTTP, see RFC 2616 ); one method is for sharing via pulling data from an HTTP URI (http-download), and the other is for sharing via pushing data to an HTTP URI (http-upload).
Historically, Out-of-Band Data (XEP-0066)  has been used to trigger downloading files via HTTP, as well as initiating the use of any other known URI scheme. However, it has several limitations:
As such, this document defines two Jingle mechanisms designed to meet the following requirements:
In accordance with Section 12 of XEP-0166, this document specifies the following information related to both the Jingle http-download and http-upload transport methods:
The transport negotiation process for http-download is defined in the Negotiating HTTP Download section of this document, and the negotation process for http-upload is defined in the Negotiating HTTP Upload section of this document.
The semantics of the <transport/> element are defined in the Negotiating HTTP Download and Negotiating HTTP Upload sections of this document.
Successful negotiation of both the http-download and http-upload methods results in use of a streaming transport method suitable for use in Jingle application types where packet loss cannot be tolerated (e.g., file transfer).
Multiple components are not supported by http-download or http-upload.
Negotiating HTTP downloads is done by using a <transport/> element with the 'urn:xmpp:jingle:transports:http:0' namespace, (see Namespace Versioning regarding the possibility of incrementing the version number). This element MAY include <candidate/> elements which represent URIs where data can be downloaded. Each <candidate/> element MUST include a 'uri' attribute, and MAY contain <header/> elements whose 'name' attribute is an HTTP header and whose text content is the HTTP header value.
Multiple candidates MAY be provided, indicating that there are multiple URIs from which the data can be retrieved (e.g. multiple candidates could be included to list the primary URI of a file along with several known mirrors).
The generation of candidates is based on the Jingle content senders, and only the parties specified to send data SHOULD provide candidates.
Upon receiving an HTTP download candidate, parties that are to receive data (based on the Jingle content senders) SHOULD use an HTTP GET request to the candidate URI to fetch the data.
Entities MAY initially provide an empty set of candidates if a suitable download URI is not yet known; advertising candidates later is done with transport-info actions.
|Content Creator||Content Senders||Who Sends Download Candidates||Who performs HTTP GET|
Negotiating HTTP uploads is done by using a <transport/> element with the 'urn:xmpp:jingle:transports:http:upload:0' namespace, (see Namespace Versioning regarding the possibility of incrementing the version number). This element MAY include a <candidate/> element which represents a URI where data can be uploaded. The <candidate/> element MUST include a 'uri' attribute, and MAY contain <header/> elements whose 'name' attribute is an HTTP header and whose text content is the HTTP header value.
The generation of candidates is based on the Jingle content senders, and only the parties specified to receive data SHOULD provide candidates.
Upon receiving an HTTP upload candidate, parties that are to send data (based on the Jingle content senders) SHOULD use an HTTP PUT request to the candidate URI, where the request body is the data to be transferred.
|Content Creator||Content Senders||Who Sends Upload Candidates||Who Performs HTTP PUT|
See Upload Complete for signaling that the upload process has been completed.
A common case for using http-upload is to delegate the storage of the uploaded data to an external hosting service, which means that the receiver might not have the direct ability to know when the uploaded data is ready.
As such, when an upload transfer is used, the party uploading content SHOULD signal when the upload has completed by sending a Jingle transport-info event that specifies the content for which uploading has completed, and includes a <transport/> element qualified by the 'urn:xmpp:jingle:transports:http:upload:0' namespace, which in turn contains a <completed /> element.
Here, Romeo is offering to send a file to Juliet, so he includes a download URI candidate with his session-initiate.
Juliet accepts the offer, and then performs an HTTP GET to retrieve the file.
Here Romeo is requesting Juliet to send a file by sharing a download URI.
Juliet accepts the request, and includes a download URI in her session-accept.
Romeo then retrieves the file using an HTTP GET request.
In this case, Romeo is offering a file to Juliet but wishes to upload it to her.
Juliet accepts, and provides a candidate with an upload URI that includes an authorization header.
Romeo now uses an HTTP PUT to upload his file. Once the upload is complete, he informs Juliet so she knows the file is ready for to read.
Here Romeo asks Juliet to upload a file.
Juliet accepts the session, and begins uploading the file data with an HTTP PUT request.
Once the upload is complete, she informs Romeo that she has completed the upload so that he knows he can access the data he requested.
To advertise its support for the Jingle HTTP Transport Method, when replying to Service Discovery (XEP-0030)  information requests an entity MUST return URNs for any version of this protocol that the entity supports -- e.g., "urn:xmpp:jingle:transports:http:0" for this version (see Namespace Versioning regarding the possibility of incrementing the version number).
In order for an application to determine whether an entity supports this protocol, where possible it SHOULD use the dynamic, presence-based profile of service discovery defined in Entity Capabilities (XEP-0115) . However, if an application has not received entity capabilities information from an entity, it SHOULD use explicit service discovery instead.
HTTP URI candidates SHOULD use the "https://" URI scheme instead of "http://", and entities MAY refuse to process URIs that are not "https://".
Certain HTTP headers can cause unintended behaviour, such as using the 'Upgrade' header to trigger a conversion to WebSocket (RFC 6455 ).
No interaction with the Internet Assigned Numbers Authority (IANA)  is required as a result of this document.
This specification defines the following XML namespaces:
The XMPP Registrar  includes the foregoing namespace in its registry of protocol namespaces at <https://xmpp.org/registrar/namespaces.html>, as described in Section 4 of XMPP Registrar Function (XEP-0053) .
If the protocol defined in this specification undergoes a revision that is not fully backwards-compatible with an older version, the XMPP Registrar shall increment the protocol version number found at the end of the XML namespaces defined herein, as described in Section 4 of XEP-0053.
This document in other formats: XML PDF
This XMPP Extension Protocol is copyright © 1999 – 2020 by the XMPP Standards Foundation (XSF).
Permission is hereby granted, free of charge, to any person obtaining a copy of this specification (the "Specification"), to make use of the Specification without restriction, including without limitation the rights to implement the Specification in a software program, deploy the Specification in a network service, and copy, modify, merge, publish, translate, distribute, sublicense, or sell copies of the Specification, and to permit persons to whom the Specification is furnished to do so, subject to the condition that the foregoing copyright notice and this permission notice shall be included in all copies or substantial portions of the Specification. Unless separate permission is granted, modified works that are redistributed shall not contain misleading information regarding the authors, title, number, or publisher of the Specification, and shall not claim endorsement of the modified works by the authors, any organization or project to which the authors belong, or the XMPP Standards Foundation.
## NOTE WELL: This Specification is provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. ##
In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall the XMPP Standards Foundation or any author of this Specification be liable for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising from, out of, or in connection with the Specification or the implementation, deployment, or other use of the Specification (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if the XMPP Standards Foundation or such author has been advised of the possibility of such damages.
This XMPP Extension Protocol has been contributed in full conformance with the XSF's Intellectual Property Rights Policy (a copy of which can be found at <https://xmpp.org/about/xsf/ipr-policy> or obtained by writing to XMPP Standards Foundation, P.O. Box 787, Parker, CO 80134 USA).
The Extensible Messaging and Presence Protocol (XMPP) is defined in the XMPP Core (RFC 6120) and XMPP IM (RFC 6121) specifications contributed by the XMPP Standards Foundation to the Internet Standards Process, which is managed by the Internet Engineering Task Force in accordance with RFC 2026. Any protocol defined in this document has been developed outside the Internet Standards Process and is to be understood as an extension to XMPP rather than as an evolution, development, or modification of XMPP itself.
The primary venue for discussion of XMPP Extension Protocols is the <firstname.lastname@example.org> discussion list.
Discussion on other xmpp.org discussion lists might also be appropriate; see <http://xmpp.org/about/discuss.shtml> for a complete list.
Errata can be sent to <email@example.com>.
The following requirements keywords as used in this document are to be interpreted as described in RFC 2119: "MUST", "SHALL", "REQUIRED"; "MUST NOT", "SHALL NOT"; "SHOULD", "RECOMMENDED"; "SHOULD NOT", "NOT RECOMMENDED"; "MAY", "OPTIONAL".
9. The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols, such as port numbers and URI schemes. For further information, see <http://www.iana.org/>.
10. The XMPP Registrar maintains a list of reserved protocol namespaces as well as registries of parameters used in the context of XMPP extension protocols approved by the XMPP Standards Foundation. For further information, see <https://xmpp.org/registrar/>.
Note: Older versions of this specification might be available at http://xmpp.org/extensions/attic/
Initial published version approved by the XMPP Council.
Renamed <uploaded/> to <completed/>, and made it a child of the <transport/> element in transport-info events.