diff options
author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2021-02-26 13:24:54 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-02-26 13:24:54 +0000 |
commit | e53f11bd62b3fbf5ae3def707998235e63e82afa (patch) | |
tree | aa45c7dcaa9d0d0db3201a347744ef7c1fa20521 | |
parent | Test that we require validated email for email pushers (#9496) (diff) | |
download | synapse-e53f11bd62b3fbf5ae3def707998235e63e82afa.tar.xz |
Call out the need for an X-Forwarded-Proto in the upgrade notes (#9501)
Diffstat (limited to '')
-rw-r--r-- | CHANGES.md | 6 | ||||
-rw-r--r-- | UPGRADE.rst | 20 | ||||
-rw-r--r-- | changelog.d/9472.feature | 2 | ||||
-rw-r--r-- | changelog.d/9501.feature | 1 |
4 files changed, 28 insertions, 1 deletions
diff --git a/CHANGES.md b/CHANGES.md index d584d342d7..d9ecbac440 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,9 @@ +Synapse 1.xx.0 +============== + +Note that synapse now expects an `X-Forwarded-Proto` header when used with a reverse proxy. Please see [UPGRADE.rst](UPGRADE.rst#upgrading-to-v1290) for more details on this change. + + Synapse 1.28.0 (2021-02-25) =========================== diff --git a/UPGRADE.rst b/UPGRADE.rst index 6f628a6947..e852b806c2 100644 --- a/UPGRADE.rst +++ b/UPGRADE.rst @@ -85,6 +85,26 @@ for example: wget https://packages.matrix.org/debian/pool/main/m/matrix-synapse-py3/matrix-synapse-py3_1.3.0+stretch1_amd64.deb dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb +Upgrading to v1.29.0 +==================== + +Requirement for X-Forwarded-Proto header +---------------------------------------- + +When using Synapse with a reverse proxy (in particular, when using the +`x_forwarded` option on an HTTP listener), Synapse now expects to receive an +`X-Forwarded-Proto` header on incoming HTTP requests. If it is not set, Synapse +will log a warning on each received request. + +To avoid the warning, administrators using a reverse proxy should ensure that +the reverse proxy sets `X-Forwarded-Proto` header to `https` or `http` to +indicate the protocol used by the client. See the [reverse proxy +documentation](docs/reverse_proxy.md), where the example configurations have +been updated to show how to set this header. + +(Users of `Caddy <https://caddyserver.com/>`_ are unaffected, since we believe it +sets `X-Forwarded-Proto` by default.) + Upgrading to v1.27.0 ==================== diff --git a/changelog.d/9472.feature b/changelog.d/9472.feature index 2ea14e2d62..06cfd5d199 100644 --- a/changelog.d/9472.feature +++ b/changelog.d/9472.feature @@ -1 +1 @@ -Add support for `X-Forwarded-Proto` header when using a reverse proxy. Administrators using a reverse proxy should ensure this header is set to avoid warnings. See [docs/workers.md](docs/workers.md) for example configurations. +Add support for `X-Forwarded-Proto` header when using a reverse proxy. diff --git a/changelog.d/9501.feature b/changelog.d/9501.feature new file mode 100644 index 0000000000..06cfd5d199 --- /dev/null +++ b/changelog.d/9501.feature @@ -0,0 +1 @@ +Add support for `X-Forwarded-Proto` header when using a reverse proxy. |