Commit Graph

346 Commits

Author SHA1 Message Date
David Teller
f14428b25c
Allow spam-checker modules to be provide async methods. ()
Spam checker modules can now provide async methods. This is implemented
in a backwards-compatible manner.
2020-12-11 14:05:15 -05:00
Aaron Raimist
cd9e72b185
Add X-Robots-Tag header to stop crawlers from indexing media ()
Fixes / related to: https://github.com/matrix-org/synapse/issues/6533

This should do essentially the same thing as a robots.txt file telling robots to not index the media repo. https://developers.google.com/search/reference/robots_meta_tag

Signed-off-by: Aaron Raimist <aaron@raim.ist>
2020-12-08 22:51:03 +00:00
Patrick Cloke
1f3748f033
Do not raise a 500 exception when previewing empty media. () 2020-12-07 10:00:08 -05:00
Patrick Cloke
df3e6a23a7
Do not 500 if the content-length is not provided when uploading media. ()
Instead return the proper 400 error.
2020-12-04 10:26:09 -05:00
Patrick Cloke
30fba62108
Apply an IP range blacklist to push and key revocation requests. ()
Replaces the `federation_ip_range_blacklist` configuration setting with an
`ip_range_blacklist` setting with wider scope. It now applies to:

* Federation
* Identity servers
* Push notifications
* Checking key validitity for third-party invite events

The old `federation_ip_range_blacklist` setting is still honored if present, but
with reduced scope (it only applies to federation and identity servers).
2020-12-02 11:09:24 -05:00
Erik Johnston
46f4be94b4
Fix race for concurrent downloads of remote media. ()
Fixes 
2020-10-30 10:55:24 +00:00
Dirk Klimpel
49d72dea2a
Add an admin api to delete local media. ()
Related to: , 

Add `DELETE /_synapse/admin/v1/media/<server_name>/<media_id>` to delete
a single file from server.
2020-10-26 17:02:28 +00:00
Andrew Morgan
3e58ce72b4
Don't bother responding to client requests that have already disconnected ()
This PR ports the quick fix from https://github.com/matrix-org/synapse/pull/2796 to further methods which handle media, URL preview and `/key/v2/server` requests. This prevents a harmless `ERROR` that comes up in the logs when we were unable to respond to a client request when the client had already disconnected. In this case we simply bail out if the client has already done so.

This is the 'simple fix' as suggested by https://github.com/matrix-org/synapse/issues/5304#issuecomment-574740003.

Fixes https://github.com/matrix-org/synapse/issues/6700
Fixes https://github.com/matrix-org/synapse/issues/5304
2020-10-06 10:03:39 +01:00
Richard van der Hoff
73d93039ff
Fix bug in remote thumbnail search ()
 changed the behaviour of remote thumbnails so that the thumbnailing method was included in the filename of the thumbnail. To support existing files, it included a fallback so that we would check the old filename if the new filename didn't exist.

Unfortunately, it didn't apply this logic to storage providers, so any thumbnails stored on such a storage provider was broken.
2020-10-02 12:29:29 +01:00
Richard van der Hoff
b1f4e6e4fc
fix a logging error in thumbnailer ()
Introduced in 
2020-10-01 13:34:24 +01:00
Will Hunt
c2bdf040aa
Discard an empty upload_name before persisting an uploaded file () 2020-09-29 12:15:27 -04:00
Richard van der Hoff
11c9e17738
Add type annotations to SimpleHttpClient () 2020-09-24 15:47:20 +01:00
Patrick Cloke
aec294ee0d
Use slots in attrs classes where possible ()
slots use less memory (and attribute access is faster) while slightly
limiting the flexibility of the class attributes. This focuses on objects
which are instantiated "often" and for short periods of time.
2020-09-14 12:50:06 -04:00
Patrick Cloke
d2a3eb04a4 Fix typos in comments. 2020-09-14 11:46:58 -04:00
Patrick Cloke
b312769c0e
Do not error when thumbnailing invalid files ()
If a file cannot be thumbnailed for some reason (e.g. the file is empty), then
catch the exception and convert it to a reasonable error message for the client.
2020-09-09 12:59:41 -04:00
DeepBlueV7.X
560f3b8609
Include method in thumbnail media name ()
This fixes an issue where different methods (crop/scale) overwrite each other.

This first tries the new path. If that fails and we are looking for a
remote thumbnail, it tries the old path. If that still isn't found, it
continues as normal.

This should probably be removed in the future, after some of the newer
thumbnails were generated with the new path on most deployments. Then
the overhead should be minimal if the other thumbnails need to be
regenerated.

Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>
2020-09-08 17:19:50 +01:00
Patrick Cloke
c619253db8
Stop sub-classing object () 2020-09-04 06:54:56 -04:00
Patrick Cloke
4e874ed593
Remove unnecessary maybeDeferred calls () 2020-08-07 09:44:48 -04:00
David Vo
4dd27e6d11
Reduce unnecessary whitespace in JSON. () 2020-08-07 08:02:55 -04:00
Erik Johnston
a7bdf98d01
Rename database classes to make some sense () 2020-08-05 21:38:57 +01:00
Patrick Cloke
8ff2deda72
Fix async/await calls for broken media providers. () 2020-08-04 09:44:25 -04:00
Patrick Cloke
68626ff8e9
Convert the remaining media repo code to async / await. () 2020-07-27 14:40:11 -04:00
Patrick Cloke
3fc8fdd150
Support oEmbed for media previews. ()
Fixes previews of Twitter URLs by using their oEmbed endpoint to grab content.
2020-07-27 07:50:44 -04:00
Patrick Cloke
5ea29d7f85
Convert more of the media code to async/await () 2020-07-24 09:39:02 -04:00
Will Hunt
62b1ce8539
isort 5 compatibility ()
The CI appears to use the latest version of isort, which is a problem when isort gets a major version bump. Rather than try to pin the version, I've done the necessary to make isort5 happy with synapse.
2020-07-05 16:32:02 +01:00
Erik Johnston
5cdca53aa0
Merge different Resource implementation classes () 2020-07-03 19:02:19 +01:00
Erik Johnston
b44bdd7f7b
Support running multiple media repos. ()
This requires a new config option to specify which media repo should be
responsible for running background jobs to e.g. clear out expired URL
preview caches.
2020-06-17 14:13:30 +01:00
Patrick Cloke
434716e1d3
Fetch from the r0 media path instead of the unspecced v1. () 2020-06-17 08:36:46 -04:00
Dagfinn Ilmari Mannsåker
a3f11567d9
Replace all remaining six usage with native Python 3 equivalents () 2020-06-16 08:51:47 -04:00
Patrick Cloke
bd6dc17221
Replace iteritems/itervalues/iterkeys with native versions. () 2020-06-15 07:03:36 -04:00
Richard van der Hoff
d4676910c9 remove miscellaneous PY2 code 2020-05-15 19:37:41 +01:00
Michael Kaye
5308239d5d
Reduce logging verbosity of URL cache cleanup. () 2020-04-22 07:45:16 -04:00
Andrew Morgan
a48138784e
Allow specifying the value of Accept-Language header for URL previews () 2020-04-15 13:35:29 +01:00
Dionysis Grigoropoulos
96071eea8f
Set Referrer-Policy to no-referrer for media () 2020-03-23 09:48:28 +00:00
Patrick Cloke
caec7d4fa0
Convert some of the media REST code to async/await () 2020-03-20 07:20:02 -04:00
The Stranjer
5e477c1deb
Set charset to utf-8 when adding headers for certain text content types ()
Fixes 
2020-03-17 13:29:09 +00:00
Patrick Cloke
509e381afa
Clarify list/set/dict/tuple comprehensions and enforce via flake8 ()
Ensure good comprehension hygiene using flake8-comprehensions.
2020-02-21 07:15:07 -05:00
Richard van der Hoff
6b7462a13f
a bit of debugging for media storage providers ()
* a bit of debugging for media storage providers

* changelog
2020-01-23 12:11:44 +00:00
Brendan Abolivier
ed83c3a018
Fix typo in _select_thumbnail 2020-01-22 12:27:42 +00:00
Erik Johnston
b0a66ab83c
Fixup synapse.rest to pass mypy () 2020-01-20 17:38:21 +00:00
Erik Johnston
4a33a6dd19 Move background update handling out of store 2019-12-05 11:11:26 +00:00
Filip Štědronský
81731c6e75 Fix: Pillow error when uploading RGBA image () ()
Signed-Off-By: Filip Štědronský <g@regnarg.cz>
2019-12-02 12:12:55 +00:00
Richard van der Hoff
ef1a85e773
Fix startup error when http proxy is defined. ()
Guess I only tested this on python 2 :/

Fixes .
2019-11-26 18:10:50 +00:00
Andrew Morgan
3916e1b97a
Clean up newline quote marks around the codebase () 2019-11-21 12:00:14 +00:00
Richard van der Hoff
5570d1c93f
Merge pull request from matrix-org/rav/url_preview_limit_title_2
Fix exception when OpenGraph tag values are ints
2019-11-05 17:28:11 +00:00
Richard van der Hoff
81d49cbb07 Fix exception when OpenGraph tag values are ints 2019-11-05 17:22:58 +00:00
Richard van der Hoff
55a7da247a
Merge branch 'develop' into rav/url_preview_limit_title 2019-11-05 17:08:07 +00:00
Richard van der Hoff
e78167c94b
Apply suggestions from code review
Co-Authored-By: Brendan Abolivier <babolivier@matrix.org>
Co-Authored-By: Erik Johnston <erik@matrix.org>
2019-11-05 16:46:39 +00:00
Richard van der Hoff
e9bfe719ba Strip overlong OpenGraph data from url preview
... to stop people causing DoSes with malicious web pages
2019-11-05 15:51:18 +00:00
Richard van der Hoff
1cb84c6486
Support for routing outbound HTTP requests via a proxy ()
The `http_proxy` and `HTTPS_PROXY` env vars can be set to a `host[:port]` value which should point to a proxy.

The address of the proxy should be excluded from IP blacklists such as the `url_preview_ip_range_blacklist`.

The proxy will then be used for
 * push
 * url previews
 * phone-home stats
 * recaptcha validation
 * CAS auth validation

It will *not* be used for:
 * Application Services
 * Identity servers
 * Outbound federation
 * In worker configurations, connections from workers to masters

Fixes .
2019-11-01 14:07:44 +00:00