Matrix-Mirrors/anonymousland-synapse
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse.git synced 2025-12-15 15:08:48 -05:00
Code Issues Projects Releases Packages Wiki Activity

Improve validation for send_{join,leave,knock} (#10225)

Browse source 
The idea here is to stop people sending things that aren't joins/leaves/knocks through these endpoints: previously you could send anything you liked through them. I wasn't able to find any security holes from doing so, but it doesn't sound like a good thing.
This commit is contained in:
Richard van der Hoff 2021-06-24 15:30:49 +01:00 committed by GitHub
parent bd4919fb72
commit 6e8fb42be7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 136 additions and 187 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/replication/test_federation_sender_shard.py
View file

@ -228,7 +228,7 @@ class FederationSenderTestCase(BaseMultiWorkerStreamTestCase):
builder.build(prev_event_ids=prev_event_ids, auth_event_ids=None)
)
self.get_success(federation.on_send_join_request(remote_server, join_event))
self.get_success(federation.on_send_membership_event(remote_server, join_event))
self.replicate()
return room