Merge pull request #7153 from matrix-org/babolivier/sso_whitelist_login_fallback

Always whitelist the login fallback for SSO
2025-05-02 12:56:02 -04:00 · 2020-03-27 15:34:41 +01:00 · 2020-03-27 15:34:41 +01:00 · 319c41f573
commit 319c41f573
parent 229eb81498 63aea691a7
4 changed files with 28 additions and 1 deletions
--- a/docs/sample_config.yaml
+++ b/docs/sample_config.yaml
@ -1392,6 +1392,10 @@ sso:
    # phishing attacks from evil.site. To avoid this, include a slash after the
    # hostname: "https://my.client/".
    #
+    # If public_baseurl is set, then the login fallback page (used by clients
+    # that don't natively support the required login flows) is whitelisted in
+    # addition to any URLs in this list.
+    #
    # By default, this list is empty.
    #
    #client_whitelist: