Monday, July 21, 2008

Contributor Wishlist

Being that Soashable is an Open Source project, there is limited money and manpower to make things happen. If I had contributors to Soashable, I would wish for:

A Logo
Probably the most hated part of Soashable is the logo. I'm not one for graphic or UI design, and am not capable of doing anything myself to improve the situation.

Tutorials and High Level Documentation
I've not done a lot to communicate what Soashable actually is because I've been busy trying to make a solid piece of software. I'm trying to put emphasis there now.

Facebook Chat-like Interface
I've been calling on people I know to implement this since Facebook Chat was announced and sneek-previewed on YouTube. Meebo now has a spitting image of what I hoped to deliver with Soashable.

It would be nice to not have to pay for Soashable's infrastructure and maintain it myself. I'd rather just code and try out new ideas.

Xmmp4Js with Chaining API
This is a fun research item, but this weekend I had the idea of meshing jQuery-like function chaining with an API for XMPP. The result would look something like this:
$xmpp.connect("").login({node: "harlan", password: "zzzzz", method: "sasl-md5"});
$xmpp.createMessage({to: "".asJid(), body: "Sup player"}).addExtension({xtype:"xhtml",body: "Sup <b>player</b>"}).send();
$xmpp.createMessage({to: "".asJid()}).addExtension({xtype:"buddystates",state: "typing"}).send();
I'd love to make this wrap and maybe replace the existing inheritance based API. Read this article.

Thursday, July 17, 2008

New SSL Certificate

I got a signed SSL certificate from the Jabber Foundation / XMPP Federation. It works in most browsers except Opera, IE, and Safari on Windows for the time being. Apparently there are political issues surrounding getting the CA cert into the Windows trust store, but it should be supported in the near future. Here is an official but partial list of supported browsers; one not on the list is Safari for Windows.

For those who are affected by this, here is how to add the root CA to your trust store and make secure connections work: PDF.

Big thanks to the Jabber Foundation for the the help!

Tuesday, July 15, 2008


Just a shout out to Userplane; they have been getting a lot of good press lately. I finally took the time to check out their site in depth. They are offering some nice products similar to the direction I am working toward with Soashable. Their offerings are closed source, which is of course their right. Soashable will always be Open Source and I imagine playing catch-up with offerings from other companies unless more people get involved with the project.

Here are a few of their interesting products (headers are links):

Web Chat

This is a simple, free embedded chat room similar to the old idea of tagboards. In some ways it is also like a light version of the MeeboMe widget.

Web Messenger

This is the product that has been getting the great reviews lately. It is similar to the MeeboMe widget crossed with Facebook chat. It is free with ad support, and reasonably priced otherwise.


This is an interesting idea and actually one of the next ideas I was going to suggest with the recently added support for x-domain connections to Xmpp4Js. There is no free version of this product.

Sunday, July 13, 2008

Robot Olympics: Anti-Spim Device for Soashable

Soashable has been attacked by spimmers (IM spammers) twice now. The first time I was short on time, and a quick fix was to close down regular XMPP ports. Now that Soashable is essentially my full time unjob, I have some time to tinker.

I implemented a bare bones anti-spim device. It is loosely based on XEP-0158. Each time you start a new conversation with somebody you must complete a text-based challenge provided by

I plan to fully support legacy and non-legacy qa and possibly hashcash mechanisms. I will thus improve the GUI around completing challenges, so it is its own dialog or panel in the IM window. It would be possible to implement image captcha (ocr), but it doesn't seem worth while right now. I will also take ideas from XEP-0159 to more intelligently run tests (eg. no tests if you are in the remote person's roster, etc).

Source code for the Openfire plugin is available in SVN here (browse), and I will wrap it up for a stand alone release at some point.

Monday, July 7, 2008

Removed ExtJS Dependency

Due to licensing issues, I have been meaning to get away from using ExtJS for a while. The GPL which ExtJS is licensed under is not compatible with LGPL and Apache, which Xmpp4Js is licensed under. I finally managed it today, as of revision 734. Much of the code was pulled from YUI, which is under the BSD license.

Something that I plan to do sometime is create a changeable adapter layer for Xmpp4Js.

The Soashable application will continue using ExtJS for the foreseeable future, being that it is itself licensed under the GPL.

Saturday, July 5, 2008

Cross-Domain Xmpp4Js

I started implementing cross-domain functionality for xmpp4js. This will remove the requirement of running your own BOSH Servlet/proxy on the same domain as a Soashable installation. Instead, clients can now connect directly to the BOSH implementation of Openfire or ejabberd with no special proxy or Servlet.

This is accomplished by implementing the Alternative Script Syntax section of XEP-0124, which I did not know existed before =). The changes are in trunk, but in the spirit of Agile they are implemented in a way that works but is not elegant; I'll be working on that soon. It works in all major browers (though it limps in Opera for some reason).

There is an online demo here.

The biggest problem I've had is with "invalid" or "self-signed" SSL certificate warnings, which do not pop-up a warning in Safari or FF3 like they do in FF2. I am working on getting a real certificate.

Another interesting problem I faced was connections closing when I expanded the DOM element for the inserted <script> tag in Firebug's Inspector view. It seems that this prematurely closed the HTTP polling connection and interrupted the entire session.

It's become apparent that I need to work on protocol error handling.