MatrixSynapse/synapse
Richard van der Hoff 6e8fb42be7
Improve validation for `send_{join,leave,knock}` (#10225)
The idea here is to stop people sending things that aren't joins/leaves/knocks through these endpoints: previously you could send anything you liked through them. I wasn't able to find any security holes from doing so, but it doesn't sound like a good thing.
2021-06-24 15:30:49 +01:00
..
_scripts Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
api MSC2918 Refresh tokens implementation (#9450) 2021-06-24 14:33:20 +01:00
app Ensure that errors during startup are written to the logs and the console. (#10191) 2021-06-21 11:41:25 +01:00
appservice Implement knock feature (#6739) 2021-06-09 19:39:51 +01:00
config MSC2918 Refresh tokens implementation (#9450) 2021-06-24 14:33:20 +01:00
crypto When joining a remote room limit the number of events we concurrently check signatures/hashes for (#10117) 2021-06-08 11:07:46 +01:00
events Fix wrapping of legacy check_registration_for_spam (#10238) 2021-06-23 17:22:08 +02:00
federation Improve validation for `send_{join,leave,knock}` (#10225) 2021-06-24 15:30:49 +01:00
groups Rewrite the KeyRing (#10035) 2021-06-02 16:37:59 +01:00
handlers Improve validation for `send_{join,leave,knock}` (#10225) 2021-06-24 15:30:49 +01:00
http Drop Origin & Accept from Access-Control-Allow-Headers value (#10114) 2021-06-23 11:25:03 +01:00
logging Expose opentracing trace id in response headers (#10199) 2021-06-18 11:43:22 +01:00
metrics opentracing: use a consistent name for background processes (#10135) 2021-06-07 17:57:49 +01:00
module_api MSC2918 Refresh tokens implementation (#9450) 2021-06-24 14:33:20 +01:00
push Split multiplart email sending into a dedicated handler (#9977) 2021-05-17 12:33:38 +02:00
replication MSC2918 Refresh tokens implementation (#9450) 2021-06-24 14:33:20 +01:00
res/templates Port "Allow users to click account renewal links multiple times without hitting an 'Invalid Token' page #74" from synapse-dinsic (#9832) 2021-04-19 19:16:34 +01:00
rest MSC2918 Refresh tokens implementation (#9450) 2021-06-24 14:33:20 +01:00
server_notices Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
spam_checker_api Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
state Use get_current_users_in_room from store and not StateHandler (#9910) 2021-05-05 16:49:34 +01:00
static Add initial support for a "pick your IdP" page (#9017) 2021-01-05 11:25:28 +00:00
storage MSC2918 Refresh tokens implementation (#9450) 2021-06-24 14:33:20 +01:00
streams Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
util Standardise the module interface (#10062) 2021-06-18 12:15:52 +01:00
__init__.py 1.37.0rc1 2021-06-23 09:38:27 +01:00
event_auth.py Implement knock feature (#6739) 2021-06-09 19:39:51 +01:00
notifier.py Improve opentracing annotations for Notifier (#10111) 2021-06-03 16:01:30 +01:00
python_dependencies.py Remove support for ACME v1 (#10194) 2021-06-17 18:56:48 +01:00
server.py Standardise the module interface (#10062) 2021-06-18 12:15:52 +01:00
types.py Ensure that we do not cache empty sync responses after a timeout (#10158) 2021-06-17 16:23:11 +01:00
visibility.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00