Extend web_client_location to handle absolute URLs (#7006)
Log warning when filesystem path is used. Signed-off-by: Martin Milata <martin@martinmilata.cz>pull/7219/head
parent
334bfdbc90
commit
b0db928c63
|
@ -0,0 +1 @@
|
||||||
|
Extend the `web_client_location` option to accept an absolute URL to use as a redirect. Adds a warning when running the web client on the same hostname as homeserver. Contributed by Martin Milata.
|
|
@ -33,10 +33,15 @@ server_name: "SERVERNAME"
|
||||||
#
|
#
|
||||||
pid_file: DATADIR/homeserver.pid
|
pid_file: DATADIR/homeserver.pid
|
||||||
|
|
||||||
# The path to the web client which will be served at /_matrix/client/
|
# The absolute URL to the web client which /_matrix/client will redirect
|
||||||
# if 'webclient' is configured under the 'listeners' configuration.
|
# to if 'webclient' is configured under the 'listeners' configuration.
|
||||||
#
|
#
|
||||||
#web_client_location: "/path/to/web/root"
|
# This option can be also set to the filesystem path to the web client
|
||||||
|
# which will be served at /_matrix/client/ if 'webclient' is configured
|
||||||
|
# under the 'listeners' configuration, however this is a security risk:
|
||||||
|
# https://github.com/matrix-org/synapse#security-note
|
||||||
|
#
|
||||||
|
#web_client_location: https://riot.example.com/
|
||||||
|
|
||||||
# The public-facing base URL that clients use to access this HS
|
# The public-facing base URL that clients use to access this HS
|
||||||
# (not including _matrix/...). This is the same URL a user would
|
# (not including _matrix/...). This is the same URL a user would
|
||||||
|
|
|
@ -241,16 +241,26 @@ class SynapseHomeServer(HomeServer):
|
||||||
resources[SERVER_KEY_V2_PREFIX] = KeyApiV2Resource(self)
|
resources[SERVER_KEY_V2_PREFIX] = KeyApiV2Resource(self)
|
||||||
|
|
||||||
if name == "webclient":
|
if name == "webclient":
|
||||||
webclient_path = self.get_config().web_client_location
|
webclient_loc = self.get_config().web_client_location
|
||||||
|
|
||||||
if webclient_path is None:
|
if webclient_loc is None:
|
||||||
logger.warning(
|
logger.warning(
|
||||||
"Not enabling webclient resource, as web_client_location is unset."
|
"Not enabling webclient resource, as web_client_location is unset."
|
||||||
)
|
)
|
||||||
|
elif webclient_loc.startswith("http://") or webclient_loc.startswith(
|
||||||
|
"https://"
|
||||||
|
):
|
||||||
|
resources[WEB_CLIENT_PREFIX] = RootRedirect(webclient_loc)
|
||||||
else:
|
else:
|
||||||
|
logger.warning(
|
||||||
|
"Running webclient on the same domain is not recommended: "
|
||||||
|
"https://github.com/matrix-org/synapse#security-note - "
|
||||||
|
"after you move webclient to different host you can set "
|
||||||
|
"web_client_location to its full URL to enable redirection."
|
||||||
|
)
|
||||||
# GZip is disabled here due to
|
# GZip is disabled here due to
|
||||||
# https://twistedmatrix.com/trac/ticket/7678
|
# https://twistedmatrix.com/trac/ticket/7678
|
||||||
resources[WEB_CLIENT_PREFIX] = File(webclient_path)
|
resources[WEB_CLIENT_PREFIX] = File(webclient_loc)
|
||||||
|
|
||||||
if name == "metrics" and self.get_config().enable_metrics:
|
if name == "metrics" and self.get_config().enable_metrics:
|
||||||
resources[METRICS_PREFIX] = MetricsResource(RegistryProxy)
|
resources[METRICS_PREFIX] = MetricsResource(RegistryProxy)
|
||||||
|
|
|
@ -604,10 +604,15 @@ class ServerConfig(Config):
|
||||||
#
|
#
|
||||||
pid_file: %(pid_file)s
|
pid_file: %(pid_file)s
|
||||||
|
|
||||||
# The path to the web client which will be served at /_matrix/client/
|
# The absolute URL to the web client which /_matrix/client will redirect
|
||||||
# if 'webclient' is configured under the 'listeners' configuration.
|
# to if 'webclient' is configured under the 'listeners' configuration.
|
||||||
#
|
#
|
||||||
#web_client_location: "/path/to/web/root"
|
# This option can be also set to the filesystem path to the web client
|
||||||
|
# which will be served at /_matrix/client/ if 'webclient' is configured
|
||||||
|
# under the 'listeners' configuration, however this is a security risk:
|
||||||
|
# https://github.com/matrix-org/synapse#security-note
|
||||||
|
#
|
||||||
|
#web_client_location: https://riot.example.com/
|
||||||
|
|
||||||
# The public-facing base URL that clients use to access this HS
|
# The public-facing base URL that clients use to access this HS
|
||||||
# (not including _matrix/...). This is the same URL a user would
|
# (not including _matrix/...). This is the same URL a user would
|
||||||
|
|
Loading…
Reference in New Issue