forked-synapse/synapse/rest/client/v2_alpha
Andrew Morgan 094896a69d
Add a config option for validating 'next_link' parameters against a domain whitelist (#8275)
This is a config option ported over from DINUM's Sydent: https://github.com/matrix-org/sydent/pull/285

They've switched to validating 3PIDs via Synapse rather than Sydent, and would like to retain this functionality.

This original purpose for this change is phishing prevention. This solution could also potentially be replaced by a similar one to https://github.com/matrix-org/synapse/pull/8004, but across all `*/submit_token` endpoint.

This option may still be useful to enterprise even with that safeguard in place though, if they want to be absolutely sure that their employees don't follow links to other domains.
2020-09-08 16:03:09 +01:00
..
__init__.py copyrights 2016-01-07 04:26:29 +00:00
_base.py Do not convert async functions to Deferreds in the interactive_auth_handler (#7944) 2020-07-24 09:43:49 -04:00
account_data.py Support GET account_data requests on a worker (#7311) 2020-04-21 10:46:30 +01:00
account_validity.py Ensure that HTML pages served from Synapse include headers to avoid embedding. 2020-07-02 09:58:31 -04:00
account.py Add a config option for validating 'next_link' parameters against a domain whitelist (#8275) 2020-09-08 16:03:09 +01:00
auth.py Ensure that HTML pages served from Synapse include headers to avoid embedding. 2020-07-02 09:58:31 -04:00
capabilities.py Port rest.client.v2 2019-12-05 16:56:23 +00:00
devices.py Support SAML in the user interactive authentication workflow. (#7102) 2020-04-01 08:48:00 -04:00
filter.py Port rest.client.v2 2019-12-05 16:56:23 +00:00
groups.py Ensure a group ID is valid before trying to get rooms for it. (#8129) 2020-08-20 06:41:32 -04:00
keys.py Fix encryption algorithm typos in tests/comments (#7637) 2020-06-04 20:03:40 +01:00
notifications.py Port rest.client.v2 2019-12-05 16:56:23 +00:00
openid.py Port rest.client.v2 2019-12-05 16:56:23 +00:00
password_policy.py Allow server admins to define and enforce a password policy (MSC2000). (#7118) 2020-03-26 16:51:13 +00:00
read_marker.py Port receipt and read markers to async/wait 2019-10-29 15:08:22 +00:00
receipts.py Port receipt and read markers to async/wait 2019-10-29 15:08:22 +00:00
register.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
relations.py Stop shadow-banned users from sending non-member events. (#8142) 2020-08-24 13:58:56 -04:00
report_event.py Replace all remaining six usage with native Python 3 equivalents (#7704) 2020-06-16 08:51:47 -04:00
room_keys.py Ensure is_verified on /_matrix/client/r0/room_keys/keys is a boolean (#7150) 2020-03-27 13:30:22 +00:00
room_upgrade_rest_servlet.py Stop shadow-banned users from sending non-member events. (#8142) 2020-08-24 13:58:56 -04:00
sendtodevice.py Fixup synapse.rest to pass mypy (#6732) 2020-01-20 17:38:21 +00:00
shared_rooms.py Add /user/{user_id}/shared_rooms/ api (#7785) 2020-09-02 13:18:40 +01:00
sync.py Re-implement unread counts (again) (#8059) 2020-09-02 17:19:37 +01:00
tags.py Port rest.client.v2 2019-12-05 16:56:23 +00:00
thirdparty.py Port rest.client.v2 2019-12-05 16:56:23 +00:00
tokenrefresh.py Port rest.client.v2 2019-12-05 16:56:23 +00:00
user_directory.py Port rest.client.v2 2019-12-05 16:56:23 +00:00