Add some more comments appservice user registration

Explain why we don't validate userids registered via app services
2017-11-10 12:39:45 +00:00 · 2017-11-10 12:39:45 +00:00 · e508145c9b
parent e0ebd1e4bd
commit e508145c9b
1 changed files with 4 additions and 1 deletions
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@ -225,7 +225,10 @@ class RegisterRestServlet(RestServlet):
            # fallback to 'username' if they gave one.
            desired_username = body.get("user", desired_username)

-            # XXX we should check that desired_username is valid
+            # XXX we should check that desired_username is valid. Currently
+            # we give appservices carte blanche for any insanity in mxids,
+            # because the IRC bridges rely on being able to register stupid
+            # IDs.

            access_token = get_access_token_from_request(request)