continuwuity

Author	SHA1	Message	Date
strawberry	a0205cd41d	implement deprecated user field for login requests Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-20 07:06:57 -05:00
strawberry	0ea8657070	default to Undefined if room avatar URL was not found despite checking if its Some Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 21:56:55 -05:00
strawberry	244c1f7190	config option to check root domain with URL previews Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 21:56:55 -05:00
strawberry	48e4b71dd1	remove hardcoded 300kb limit on spider size with config option of 1MB default modern websites are sadly massive, 300kb is pretty low. 1MB should be enough. Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 21:56:55 -05:00
strawberry	2ea895199a	dont drop true error with url str parse, fix url contains logic order, clarify config comment Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 21:56:55 -05:00
strawberry	8e6d52e7dd	dont follow more than 2 redirects for URL previews for security reasons Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 21:56:55 -05:00
Reiner Herrmann	c0dd5b1cc2	feat: URL preview support from upstream MR https://gitlab.com/famedly/conduit/-/merge_requests/347 with the following changes (so far): - remove hardcoded list of allowed hosts (strongly disagree with this, even if it is desired, it should not be harcoded) - add more allow config options for granularity via URL contains, host contains, and domain is (explicit match) for security - warn if a user is allowing all URLs to be previewed for security reasons - replace an expect with proper error handling - bump webpage to 2.0 - improved code style a tad Co-authored-by: rooot <hey@rooot.gay> Signed-off-by: rooot <hey@rooot.gay> Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 21:56:55 -05:00
strawberry	6f26be1c6e	eat less /ban endpoint fields, fix ban reason not consistently applied Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 21:56:55 -05:00
strawberry	d4d8c6eb21	check if custom room ID is apart of forbidden room alias Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 21:56:55 -05:00
Matthias Ahouansou	fc93b29abe	feat: forbid certain usernames & room aliases squashed from https://gitlab.com/famedly/conduit/-/merge_requests/582 Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 21:56:55 -05:00
Matthias Ahouansou	784d307425	revamp appservice registration to ruma's Registration type squashed from https://gitlab.com/famedly/conduit/-/merge_requests/583 Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-02-11 21:56:55 -05:00
strawberry	4ac568769b	improvement: registration token now only works when registration is enabled Co-authored-by: Timo Kösters <timo@koesters.xyz> Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	0e8267656f	fix room ID messages, remove comments Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	9858b33b37	just remove double quotes if found instead Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	e0419d9c5d	custom room ID checks, dont use format! macro due to quotes being added Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	7eff572e77	check if room ID already exists instead of erroring on auth check Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	8754f0e2a5	additional character check on room alias Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	382347353e	add custom room ID support using `room_id` field Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	2980af6490	move room creation config check higher up dont bother wasting resources if we know we arent even allowed to make the room to begin with Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	ead9a58dce	dont crash failing to deserialise room creation content Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	3453dcc344	add error checking to room aliases length, colon, and spaces. also dont crash. Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	6c1358d0c8	send home_server on login response again a 6+ year old deprecated field that isnt even spelled right, and no clients use it must still be sent according to spec Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	71d247232d	oops forgot that endpoint too Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	6c75087863	eat less of client parameters for media requests still cantt respect allow_redirect yet Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	ab6cb4ad2d	switch back to expect for sender_user as far as i can tell, it will return a normal error in the auth token handling code so this is fine. we also shouldnt assume all errors from this are access_token related. Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	9d0c85ab17	use ruma JsOption, bump figment Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	34bac4d1d9	support sending well_known client response in /login using `well_known_client` Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	cf62cb0d0a	send avatar_url on invite member events like synapse Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	f275a0dfbe	fix obvious copy-paste error Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-25 19:28:33 -05:00
strawberry	6ffc54e241	support blocking servers from fetching remote media from akin to synapse's `prevent_media_downloads_from` Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 23:57:45 -05:00
strawberry	1a06c8c9d3	more error checking for deserialising events and canonical JSON Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 23:57:45 -05:00
strawberry	3ffca25f6f	update few endpoint docs versions Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 23:57:45 -05:00
strawberry	2bbc75d68e	why did i have to run cargo fmt twice Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 14:26:26 -05:00
strawberry	40f5345586	fix formatting and links of user reports more Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 14:26:26 -05:00
strawberry	e944ed5eb4	fix `/report` endpoint a lot in short, the `/report` endpoint now checks if: - the reporting room in the URI matches the PDU/event reported - sender user is in the room reported - raises report reasoning to 750 characters (spec doesn't say to limit these, but thorough and informative reports for server admins are not a bad thing) - (hopefully) fixes some broken formatting - add a random short delay before sending a successful response to the client to make it more annoying to enumerate for events on our server (security by obscurity but spec suggests it) basically, secure reports better lol see https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 14:26:26 -05:00
strawberry	7eb57a9fd5	explicitly fallback to None for invalid/empty room topics Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 14:26:26 -05:00
strawberry	9a3866afff	return `M_INVALID_PARAM` instead of `M_BAD_JSON` for bad room aliases Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 14:26:26 -05:00
strawberry	92641d0628	first of many small code documentation Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 14:26:26 -05:00
strawberry	a85ebdeaa0	require sender_user being in the reporting room for /report events Matrix 1.8 change: https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 14:26:26 -05:00
strawberry	bfc738d80e	default to None for room topic event in spaces or /publicRooms Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 14:26:26 -05:00
strawberry	59c7f93656	fix more clippy lints (part 1) Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-17 14:26:26 -05:00
strawberry	2074e36aa4	add missing ban reason to ban events Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-14 20:55:56 -05:00
strawberry	2f16726bac	raise generated passwords to 25 chars Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-14 20:55:56 -05:00
strawberry	2b031e40a2	partially revert keeping track of remote user profiles this seems to require some more work to properly ignore dead server errors without breaking the entire room join Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-14 20:55:56 -05:00
strawberry	149d22eef7	make set avatar, displayname, and blurhash async and forgot another let _ Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-14 20:55:56 -05:00
strawberry	9ec1532580	ignore potential errors when updating user profiles Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-14 20:55:56 -05:00
strawberry	ad792f4565	oops dedup only works on consecutive elements Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-14 20:55:56 -05:00
strawberry	52884abff6	don't validate or add signature if room is not v8 or above or not using restricted joins should resolve https://github.com/matrix-org/matrix-spec/issues/1708 on for conduwuit until spec clarifies. Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-14 20:55:56 -05:00
strawberry	5c4b8ad7a3	replace panics on unknown room versions with errors Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-14 20:55:56 -05:00
strawberry	edd74efbf2	dedup servers in get_alias_helper Signed-off-by: strawberry <strawberry@puppygock.gay>	2024-01-14 20:55:56 -05:00

1 2 3 4

187 commits