This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
Deny server ACL events in C-S API which would block the server #4042
Assignees
Labels
Z-Help-Wanted
We know exactly how to fix this issue, and would be grateful for any contribution
z-p2
(Deprecated Label)
Comments
neilisfragile
added
Z-Help-Wanted
|
the reason this is so bad: Once you've blocked your own server, there is no way back, because all the other servers in the room will ignore you when you try to unblock yourself. |
|
We should also stop people from redacting server ACLs over the CS API for the same reason; a redacted server ACL is treated as an empty one (in current room versions). |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Its quite easy to accidentally send a server ACL event that blocks everyone, including the current server. I can't think of a time when you would want to block your own server, so lets just deny client requests that try to set ACLs that would block the current server
The text was updated successfully, but these errors were encountered: