This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
Add domain validation when creating room with list of invitees #6121
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…regression test. Should resolve matrix-org#40
…regression test. Should resolve matrix-org#40 Signed-off-by: Werner Kroneman <[email protected]>
synapse/handlers/room.py
Outdated
| @@ -554,7 +555,9 @@ def create_room(self, requester, config, ratelimit=True, creator_join_profile=No | |||
| invite_list = config.get("invite", []) | |||
| for i in invite_list: | |||
| try: | |||
| UserID.from_string(i) | |||
| uid = UserID.from_string(i) | |||
| # TODO Maybe attempt idna encoding/decoding as well? | |||
There was a problem hiding this comment.
@richvdh Do you have any thoughts on this?
There was a problem hiding this comment.
I do have thoughts on it. https://matrix.org/docs/spec/appendices#server-name is clear that server_names (and hence mxids) may contain only ascii: it's up to the client to do idna-encoding/decoding on them if it so desires.
Please can we get rid of the todo!
There was a problem hiding this comment.
Suggested change
| # TODO Maybe attempt idna encoding/decoding as well? |
tests/rest/client/v1/test_rooms.py
Outdated
| @@ -485,6 +485,14 @@ def test_post_room_invalid_content(self): | |||
| self.assertEquals(400, channel.code) | |||
|
|
|||
|
|
|||
| def test_post_room_invitees_invalid_mxid(self): | |||
| # POST with invalid invitee, see https://github.com/matrix-org/synapse/issues/4088 | |||
| # Note the trailing slash in the MXID here! | |||
There was a problem hiding this comment.
Suggested change
| # Note the trailing slash in the MXID here! | |
| # Note the trailing space in the MXID here! |
richvdh
changed the title
richvdh
changed the title
richvdh
approved these changes
Oct 10, 2019
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull Request Checklist
This results in a 400 bad request status instead of 500 internal server error in the case described in #4088 (trailing whitespace).
Also adds a regression test for this issue.
Question: An original (abandoned) attempt to fix this issue (see https://github.com/matrix-org/synapse/pull/4351/files) also does some trial encoding/decoding with IDNA. Should we try to do that as well? (See the TODO entry)