| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Add type hints to media rest resources. (#9093) | Patrick Cloke | 2021-01-15 | 1 | -6/+12 |
| | | |||||
| * | Merge different Resource implementation classes (#7732) | Erik Johnston | 2020-07-03 | 1 | -10/+2 |
| | | |||||
| * | Set Referrer-Policy to no-referrer for media (#7009) | Dionysis Grigoropoulos | 2020-03-23 | 1 | -0/+3 |
| | | |||||
| * | Make the http server handle coroutine-making REST servlets (#5475) | Amber Brown | 2019-06-29 | 1 | -16/+10 |
| | | |||||
| * | Run Black. (#5482) | Amber Brown | 2019-06-20 | 1 | -3/+5 |
| | | |||||
| * | Add 'sandbox' to CSP for media repo (#4284) | David Baker | 2018-12-11 | 1 | -1/+2 |
| | | | | | | | * Add 'sandbox' to the CSP for media repo * Changelog | ||||
| * | added "media-src: 'self'" to CSP for resources (#3578) | Jérémy Farnaud | 2018-09-25 | 1 | -0/+1 |
| | | | | | | | | | | | | | | | | Synapse doesn’t allow for media resources to be played directly from Chrome. It is a problem for users on other networks (e.g. IRC) communicating with Matrix users through a gateway. The gateway sends them the raw URL for the resource when a Matrix user uploads a video and the video cannot be played directly in Chrome using that URL. Chrome argues it is not authorized to play the video because of the Content Security Policy. Chrome checks for the "media-src" policy which is missing, and defauts to the "default-src" policy which is "none". As Synapse already sends "object-src: 'self'" I thought it wouldn’t be a problem to add "media-src: 'self'" to the CSP to fix this problem. | ||||
| * | Port rest/ to Python 3 (#3823) | Amber Brown | 2018-09-12 | 1 | -6/+6 |
| | | |||||
| * | run isort | Amber Brown | 2018-07-09 | 1 | -4/+2 |
| | | |||||
| * | Set Server header in SynapseRequest | Richard van der Hoff | 2018-05-10 | 1 | -2/+1 |
| | | | | | | | | | | | | | (instead of everywhere that writes a response. Or rather, the subset of places which write responses where we haven't forgotten it). This also means that we don't have to have the mysterious version_string attribute in anything with a request handler. Unfortunately it does mean that we have to pass the version string wherever we instantiate a SynapseSite, which has been c&ped 150 times, but that is code that ought to be cleaned up anyway really. | ||||
| * | Remove redundant request_handler decorator | Richard van der Hoff | 2018-05-10 | 1 | -7/+9 |
| | | | | | | | This is needless complexity; we might as well use the wrapper directly. Also rename wrap_request_handler->wrap_json_request_handler. | ||||
| * | Add missing class var | Erik Johnston | 2018-01-12 | 1 | -0/+3 |
| | | |||||
| * | Remove unused variables | Erik Johnston | 2018-01-12 | 1 | -3/+0 |
| | | |||||
| * | Use MediaStorage for remote media | Erik Johnston | 2018-01-09 | 1 | -32/+11 |
| | | |||||
| * | Use MediaStorage for local files | Erik Johnston | 2018-01-09 | 1 | -23/+1 |
| | | |||||
| * | Store URL cache preview downloads seperately | Erik Johnston | 2017-06-23 | 1 | -1/+6 |
| | | | | | This makes it easier to clear old media out at a later date | ||||
| * | Add API to quarantine media | Erik Johnston | 2017-06-19 | 1 | -1/+1 |
| | | |||||
| * | Fix routing loop when fetching remote media | Richard van der Hoff | 2017-03-13 | 1 | -0/+12 |
| | | | | | | | | | | | | When we proxy a media request to a remote server, add a query-param, which will tell the remote server to 404 if it doesn't recognise the server_name. This should fix a routing loop where the server keeps forwarding back to itself. Also improves the error handling on remote media fetches, so that we don't always return a rather obscure 502. | ||||
| * | Set CORs headers on responses from the media repo | Mark Haines | 2016-11-02 | 1 | -1/+2 |
| | | |||||
| * | Add quotes and be explicity about script-src | Erik Johnston | 2016-09-05 | 1 | -1/+2 |
| | | |||||
| * | Allow PDF to be rendered from media repo | Erik Johnston | 2016-09-05 | 1 | -1/+7 |
| | | |||||
| * | Set `Content-Security-Policy` on media repo | Erik Johnston | 2016-08-17 | 1 | -0/+1 |
| | | | | | | This is to inform browsers that they should sandbox the returned media. This is particularly cruical for javascript/HTML files. | ||||
| * | Report per request metrics for all of the things using request_handler | Mark Haines | 2016-04-28 | 1 | -1/+2 |
| | | |||||
| * | Move MediaRepository to media_repository module | Erik Johnston | 2016-04-19 | 1 | -1/+1 |
| | | |||||
| * | Split out BaseMediaResource into MediaRepository | Erik Johnston | 2016-04-19 | 1 | -6/+18 |
| | | | | | | | | | | This is so that a single MediaRepository can be shared across all resources, rather than having a "copy" per resource. In particular this allows us to guard against both the thumbnail and download resource triggering a download of remote content at the same time. | ||||
| * | copyrights | Matthew Hodgson | 2016-01-07 | 1 | -1/+1 |
| | | |||||
| * | If user supplies filename in URL when downloading from media repo, use that ↵ | Erik Johnston | 2015-07-03 | 1 | -7/+9 |
| | | | | | name in Content Disposition | ||||
| * | Add Content-Disposition headers to media repo v1 downloads | Erik Johnston | 2015-06-30 | 1 | -2/+6 |
| | | |||||
| * | Combine the request wrappers in rest/media/v1 and http/server into a single ↵ | Mark Haines | 2015-04-21 | 1 | -8/+4 |
| | | | | | wrapper decorator | ||||
| * | Move rest APIs back under the rest directory | Mark Haines | 2015-01-22 | 1 | -0/+74 |
 |
index : matrix/thirdparty/synapse.git | |
| Unnamed repository; edit this file 'description' to name the repository. |
| summary refs log tree commit diff |