diff --git a/README.rst b/README.rst index bcee5f2a0c..a748d6cacc 100644 --- a/README.rst +++ b/README.rst @@ -558,14 +558,14 @@ time. URL Previews ============ -Synapse 0.15.0 introduces an experimental new API for previewing URLs at -/_matrix/media/r0/preview_url. This is disabled by default. To turn it on -you must enable the `url_preview_enabled: True` config parameter and explicitly -specify the IP ranges that Synapse is not allowed to spider for previewing in -the `url_preview_ip_range_blacklist` configuration parameter. This is critical -from a security perspective to stop arbitrary Matrix users spidering 'internal' -URLs on your network. At the very least we recommend that your loopback and -RFC1918 IP addresses are blacklisted. +Synapse 0.15.0 introduces a new API for previewing URLs at +``/_matrix/media/r0/preview_url``. This is disabled by default. To turn it on +you must enable the ``url_preview_enabled: True`` config parameter and +explicitly specify the IP ranges that Synapse is not allowed to spider for +previewing in the ``url_preview_ip_range_blacklist`` configuration parameter. +This is critical from a security perspective to stop arbitrary Matrix users +spidering 'internal' URLs on your network. At the very least we recommend that +your loopback and RFC1918 IP addresses are blacklisted. This also requires the optional lxml and netaddr python dependencies to be installed. @@ -579,7 +579,7 @@ server, they can request a password-reset token via clients such as Vector. A manual password reset can be done via direct database access as follows. -First calculate the hash of the new password: +First calculate the hash of the new password:: $ source ~/.synapse/bin/activate $ ./scripts/hash_password @@ -587,7 +587,7 @@ First calculate the hash of the new password: Confirm password: $2a$12$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -Then update the `users` table in the database: +Then update the `users` table in the database:: UPDATE users SET password_hash='$2a$12$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' WHERE name='@test:test.com';