From 1e101ed4a45bad68f4865229e0c8d617fed67065 Mon Sep 17 00:00:00 2001
From: Mark Haines <mark.haines@matrix.org>
Date: Mon, 21 Sep 2015 14:13:10 +0100
Subject: [PATCH] Clamp the "to" token for /rooms/{roomId}/messages to when the
 user left the room.

There isn't a way for the client to learn a valid "to" token for a room
that they have left in the C-S API but that doesn't stop a client making
one up.
---
 synapse/handlers/message.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index 5d18aaacf..bca592f5d 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -120,6 +120,10 @@ class MessageHandler(BaseHandler):
             if source_config.direction == "f":
                 if source_config.to_key is None:
                     source_config.to_key = str(leave_token)
+                else:
+                    to_token = RoomStreamToken.parse(source_config.to_key)
+                    if leave_token.topological < to_token.topological:
+                        source_config.to_key = str(leave_token)
 
         yield self.hs.get_handlers().federation_handler.maybe_backfill(
             room_id, room_token.topological