synapse-product/synapse/config
Andrew Morgan 094896a69d
Add a config option for validating 'next_link' parameters against a domain whitelist (#8275)
This is a config option ported over from DINUM's Sydent: https://github.com/matrix-org/sydent/pull/285

They've switched to validating 3PIDs via Synapse rather than Sydent, and would like to retain this functionality.

This original purpose for this change is phishing prevention. This solution could also potentially be replaced by a similar one to https://github.com/matrix-org/synapse/pull/8004, but across all `*/submit_token` endpoint.

This option may still be useful to enterprise even with that safeguard in place though, if they want to be absolutely sure that their employees don't follow links to other domains.
2020-09-08 16:03:09 +01:00
..
__init__.py Let synctl use a config directory. (#5904) 2019-08-28 15:55:58 +01:00
__main__.py isort 5 compatibility (#7786) 2020-07-05 16:32:02 +01:00
_base.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
_base.pyi Revert "Add experimental support for sharding event persister. (#8170)" (#8242) 2020-09-04 10:19:42 +01:00
_util.py Implement login blocking based on SAML attributes (#8052) 2020-08-11 16:08:10 +01:00
api.py Refactor HomeserverConfig so it can be typechecked (#6137) 2019-10-10 09:39:35 +01:00
appservice.py Replace all remaining six usage with native Python 3 equivalents (#7704) 2020-06-16 08:51:47 -04:00
cache.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
captcha.py Fix some DETECTED VIOLATIONS in the config file (#7550) 2020-05-22 10:11:50 +01:00
cas.py cas: support setting display name (#6114) 2019-10-11 12:33:12 +01:00
consent_config.py Add config linting script that checks for bool casing (#6203) 2019-10-23 13:22:54 +01:00
database.py Rename database classes to make some sense (#8033) 2020-08-05 21:38:57 +01:00
emailconfig.py Use the default templates when a custom template file cannot be found (#8037) 2020-08-17 17:05:00 +01:00
federation.py Update worker docs with recent enhancements (#7969) 2020-07-29 23:22:13 +01:00
groups.py Refactor HomeserverConfig so it can be typechecked (#6137) 2019-10-10 09:39:35 +01:00
homeserver.py Update worker docs with recent enhancements (#7969) 2020-07-29 23:22:13 +01:00
jwt_config.py Add the option to validate the iss and aud claims for JWT logins. (#7827) 2020-07-14 07:16:43 -04:00
key.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
logger.py Fix stack overflow when logging system encounters an error (#8268) 2020-09-07 16:54:30 +01:00
metrics.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
oidc_config.py fix broken link in sample config (#7712) 2020-06-16 19:50:16 +01:00
password_auth_providers.py Add documentation to password_providers config option (#7238) 2020-04-08 00:46:50 +01:00
password.py Allow server admins to define and enforce a password policy (MSC2000). (#7118) 2020-03-26 16:51:13 +00:00
push.py Add ability to run multiple pusher instances (#7855) 2020-07-16 14:06:28 +01:00
ratelimiting.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
redis.py Update worker docs with recent enhancements (#7969) 2020-07-29 23:22:13 +01:00
registration.py Various improvements to the docs (#7899) 2020-07-29 10:35:44 -04:00
repository.py Support running multiple media repos. (#7706) 2020-06-17 14:13:30 +01:00
room_directory.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
room.py Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
saml2_config.py Fix a regression from calling read_templates. (#8252) 2020-09-04 09:10:33 -04:00
server_notices_config.py Fix copypasted comment (#7477) 2020-05-13 16:55:43 +01:00
server.py Add a config option for validating 'next_link' parameters against a domain whitelist (#8275) 2020-09-08 16:03:09 +01:00
spam_checker.py Extend spam checker to allow for multiple modules (#7435) 2020-05-08 19:25:48 +01:00
sso.py Use the default templates when a custom template file cannot be found (#8037) 2020-08-17 17:05:00 +01:00
stats.py Refactor HomeserverConfig so it can be typechecked (#6137) 2019-10-10 09:39:35 +01:00
third_party_event_rules.py Refactor HomeserverConfig so it can be typechecked (#6137) 2019-10-10 09:39:35 +01:00
tls.py Replace all remaining six usage with native Python 3 equivalents (#7704) 2020-06-16 08:51:47 -04:00
tracer.py Refactor HomeserverConfig so it can be typechecked (#6137) 2019-10-10 09:39:35 +01:00
user_directory.py Refactor HomeserverConfig so it can be typechecked (#6137) 2019-10-10 09:39:35 +01:00
voip.py Add config linting script that checks for bool casing (#6203) 2019-10-23 13:22:54 +01:00
workers.py Revert "Add experimental support for sharding event persister. (#8170)" (#8242) 2020-09-04 10:19:42 +01:00