OpenCloud
/
MatrixSynapse
mirror of https://github.com/matrix-org/synapse
1
0
Fork 0
Code Issues Releases Wiki Activity
MatrixSynapse/synapse
History
Denis Kasak 2476d5373c
Mitigate media repo XSSs on IE11. (#10468) 
IE11 doesn't support Content-Security-Policy but it has support for
a non-standard X-Content-Security-Policy header, which only supports the
sandbox directive. This prevents script execution, so it at least offers
some protection against media repo-based attacks.

Signed-off-by: Denis Kasak <dkasak@termina.org.uk>
 		2021-07-27 13:45:10 +02:00
..
_scripts
api Update the MSC3083 support to verify if joins are from an authorized server. (#10254) 2021-07-26 12:17:00 -04:00
app
appservice
config
crypto
events
federation Update the MSC3083 support to verify if joins are from an authorized server. (#10254) 2021-07-26 12:17:00 -04:00
groups
handlers Update the MSC3083 support to verify if joins are from an authorized server. (#10254) 2021-07-26 12:17:00 -04:00
http
logging
metrics
module_api
push
replication
res/templates
rest Mitigate media repo XSSs on IE11. (#10468) 2021-07-27 13:45:10 +02:00
server_notices
spam_checker_api
state Add type hints to state handler. (#10482) 2021-07-26 12:49:53 -04:00
static
storage Add type hints to state handler. (#10482) 2021-07-26 12:49:53 -04:00
streams
util
__init__.py 1.39.0rc2 2021-07-22 15:43:26 +01:00
event_auth.py Update the MSC3083 support to verify if joins are from an authorized server. (#10254) 2021-07-26 12:17:00 -04:00
notifier.py
python_dependencies.py
server.py
types.py
visibility.py