ConverseJS is a free, extensible, and feature-rich Web browser-based XMPP client. Its focus on easy integration with existing Web sites makes it a relatively simple way to add XMPP/Jabber instant messaging support to Web-based services, and a number of pre-existing integrations have already been packaged, such as a module for Prosody, a plugin for WordPress, and a plugin for Roundcube. Notably, ConverseJS also supports OMEMO in one-to-one chat messages as well as non-anonymous members-only MUC rooms, and works well in the Tor Browser.
In the simplest case, updating ConverseJS is just a matter of updating the distribution files on the HTTP server serving them to clients. For instance:
git --git-dir /usr/local/src/converse.js.git pull # Fetch and merge the latest upstream changes. # Write the `HEAD` (or any other commit-ish, such as a tag) to the `--work-tree` path. git --git-dir /usr/local/src/converse.js.git --work-tree /var/www/path/to/conversejs checkout HEAD -- .
As ConverseJS is a Web-based client, it is inherently susceptible to vulnerabilities in the nature of Web-based tools. These include compromised CDN sources, cross-site issues (e.g., XSS, CSRF), and more.
integrityattribute when loading the ConverseJS script from a CDN.
The AnarchoTech NYC collective provides an Ansible role for provisioning a ConverseJS client atop a Prosody server that runs on a Raspberry Pi. It can be installed in your local
$ANSIBLE_ROLES_PATH (see Ansible Configuration Settings) for use with an Ansible project with:
ansible-galaxy install https://github.com/AnarchoTechNYC/ansible-role-prosody-conversejs/archive/master.tar.gz