forked-synapse/synapse/rest
Denis Kasak 2476d5373c
Mitigate media repo XSSs on IE11. (#10468)
IE11 doesn't support Content-Security-Policy but it has support for
a non-standard X-Content-Security-Policy header, which only supports the
sandbox directive. This prevents script execution, so it at least offers
some protection against media repo-based attacks.

Signed-off-by: Denis Kasak <dkasak@termina.org.uk>
2021-07-27 13:45:10 +02:00
..
admin Add creation_ts to list users admin API (#10448) 2021-07-22 16:05:16 +02:00
client Support MSC2033: Device ID on whoami (#9918) 2021-07-27 05:28:20 +00:00
consent Add a return type to parse_string. (#10438) 2021-07-21 09:47:56 -04:00
key Use inline type hints in handlers/ and rest/. (#10382) 2021-07-16 18:22:36 +01:00
media Mitigate media repo XSSs on IE11. (#10468) 2021-07-27 13:45:10 +02:00
synapse Use inline type hints in handlers/ and rest/. (#10382) 2021-07-16 18:22:36 +01:00
__init__.py Remove the experimental flag for knocking and use stable prefixes / endpoints. (#10167) 2021-06-15 07:45:14 -04:00
health.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00
well_known.py Remove redundant "coding: utf-8" lines (#9786) 2021-04-14 15:34:27 +01:00