Matrix-Mirrors/anonymousland-synapse
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse.git synced 2025-08-09 01:02:10 -04:00
Code Issues Projects Releases Packages Wiki Activity

Improve validation for send_{join,leave,knock} (#10225)

Browse source 
The idea here is to stop people sending things that aren't joins/leaves/knocks through these endpoints: previously you could send anything you liked through them. I wasn't able to find any security holes from doing so, but it doesn't sound like a good thing.
This commit is contained in:
Richard van der Hoff 2021-06-24 15:30:49 +01:00 committed by GitHub
parent bd4919fb72
commit 6e8fb42be7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 136 additions and 187 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/handlers/test_federation.py
View file

@ -251,7 +251,7 @@ class FederationTestCase(unittest.HomeserverTestCase):
join_event.signatures[other_server] = {"x": "y"}
with LoggingContext("send_join"):
d = run_in_background(
self.handler.on_send_join_request, other_server, join_event
self.handler.on_send_membership_event, other_server, join_event
)
self.get_success(d)