mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2024-10-01 08:25:44 -04:00
Check the user_id for presence/typing matches origin
This commit is contained in:
parent
2117c409a0
commit
8b93af662d
@ -651,6 +651,13 @@ class PresenceHandler(object):
|
||||
)
|
||||
continue
|
||||
|
||||
if get_domain_from_id(user_id) != origin:
|
||||
logger.info(
|
||||
"Got presence update from %r with bad 'user_id': %r",
|
||||
origin, user_id,
|
||||
)
|
||||
continue
|
||||
|
||||
presence_state = push.get("presence", None)
|
||||
if not presence_state:
|
||||
logger.info(
|
||||
|
@ -199,7 +199,14 @@ class TypingHandler(object):
|
||||
user_id = content["user_id"]
|
||||
|
||||
# Check that the string is a valid user id
|
||||
UserID.from_string(user_id)
|
||||
user = UserID.from_string(user_id)
|
||||
|
||||
if user.domain != origin:
|
||||
logger.info(
|
||||
"Got typing update from %r with bad 'user_id': %r",
|
||||
origin, user_id,
|
||||
)
|
||||
return
|
||||
|
||||
users = yield self.state.get_current_user_in_room(room_id)
|
||||
domains = set(get_domain_from_id(u) for u in users)
|
||||
|
Loading…
Reference in New Issue
Block a user