diff options
author | Eric Eastwood <erice@element.io> | 2022-09-23 11:49:39 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-23 11:49:39 -0500 |
commit | db868db594c1a8a0baa3686b60f1c49c0d4be371 (patch) | |
tree | 277a6b46085b9adbadd872bdf7a77feba9c37a11 /changelog.d/13855.bugfix | |
parent | Update Cargo.lock file. (#13889) (diff) | |
download | synapse-db868db594c1a8a0baa3686b60f1c49c0d4be371.tar.xz |
Fix access token leak to logs from proxyagent (#13855)
This can happen specifically with an application service `/transactions/10722?access_token=leaked` request Fix https://github.com/matrix-org/synapse/issues/13010 --- Saw an example leak in https://github.com/matrix-org/synapse/issues/13423#issuecomment-1205348482 ``` 2022-08-04 14:47:57,925 - synapse.http.client - 401 - DEBUG - as-sender-signal-1 - Sending request PUT http://localhost:29328/transactions/10722?access_token=<redacted> 2022-08-04 14:47:57,926 - synapse.http.proxyagent - 223 - DEBUG - as-sender-signal-1 - Requesting b'http://localhost:29328/transactions/10722?access_token=leaked' via <HostnameEndpoint localhost:29328> ```
Diffstat (limited to 'changelog.d/13855.bugfix')
-rw-r--r-- | changelog.d/13855.bugfix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/13855.bugfix b/changelog.d/13855.bugfix new file mode 100644 index 0000000000..5ea8539bd8 --- /dev/null +++ b/changelog.d/13855.bugfix @@ -0,0 +1 @@ +Fix access token leak to logs from proxy agent. |