XMPP: how to post messages over HTTP

I have activated the http_message module which allows posting Jabber messages via HTTP.

The API is currently available at these addresses:
The ports may change; I’ll post here if that happens.

To use this API, you must send a Basic authenticated POST with an XMPP message element as the payload. Here is an example using curl:

$ curl 'http://im.wordpress.org:5280/message' -u 'andy@im.wordpress.org' --data-binary '<message to="andy@im.wordpress.com"><body>yo</body></message>' -i
Enter host password for user 'andy@im.wordpress.org':
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 3


I recommend using XHTML-IM to format messages for clients that can render HTML. Example:

$ curl 'http://im.wordpress.org:5280/message' -u 'andy@im.wordpress.org' --data-binary '<message to="andy@im.wordpress.com" from="andy@im.wordpress.org"><body>yo!</body><html xmlns="http://jabber.org/protocol/xhtml-im"><body xmlns="http://www.w3.org/1999/xhtml"><em>yo!</em></body></html></message>'

If you want to send an identical message to multiple recipients, you can achieve this with one POST via the multicast address. We have a non-standard implementation of Extended Stanza Addressing that basically treats every address as a BCC. Multicast is only available to users who have been granted permission. Example:

$ curl 'https://im.wordpress.org:5284/message' -u 'andy@im.wordpress.org' --data-binary '<message to="multicast"><addresses><address jid="andy@im.wordpress.com"/><address jid="skeltoac@gmail.com"/></addresses><body>yo</body></message>'

This API also allows privileged users to forge the sender address. This is used on WordPress.com so that it looks like notifications come from a blog’s domain, even though XMPP services are not available on that domain. To use this feature, include the “from” attribute.

$ curl 'http://im.wordpress.org:5280/message' -u 'andy@im.wordpress.org' --data-binary '<message to="andy@im.wordpress.org" from="ticket-123@trac"><body>yo</body></message>'

Note that messages sent to a JID on a remote Jabber server (e.g. gtalk) won’t go through if the sender’s domain is changed. So if you want to forge the sender, you have to treat remote JIDs differently.

Any questions so far?