Add a config option for validating 'next_link' parameters against a domain whitelist (#8275)

This is a config option ported over from DINUM's Sydent: https://github.com/matrix-org/sydent/pull/285 They've switched to validating 3PIDs via Synapse rather than Sydent, and would like to retain this functionality. This original purpose for this change is phishing prevention. This solution could also potentially be replaced by a similar one to https://github.com/matrix-org/synapse/pull/8004, but across all `*/submit_token` endpoint. This option may still be useful to enterprise even with that safeguard in place though, if they want to be absolutely sure that their employees don't follow links to other domains.
author: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> 2020-09-08 16:03:09 +0100
committer: GitHub <noreply@github.com> 2020-09-08 16:03:09 +0100
commit: 094896a69d44a69946df099da59adec0b52da0ac (patch)
tree: a48d0b0a27561276af44301b0bcada92c9ac4edd /changelog.d
parent: Clean up types for PaginationConfig (#8250) (diff)
download: synapse-094896a69d44a69946df099da59adec0b52da0ac.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/8275.feature b/changelog.d/8275.feature
new file mode 100644
index 0000000000..17549c3df3
--- /dev/null
+++ b/changelog.d/8275.feature
@@ -0,0 +1 @@
+Add a config option to specify a whitelist of domains that a user can be redirected to after validating their email or phone number.
\ No newline at end of file
author	Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>	2020-09-08 16:03:09 +0100
committer	GitHub <noreply@github.com>	2020-09-08 16:03:09 +0100
commit	094896a69d44a69946df099da59adec0b52da0ac (patch)
tree	a48d0b0a27561276af44301b0bcada92c9ac4edd /changelog.d
parent	Clean up types for PaginationConfig (#8250) (diff)
download	synapse-094896a69d44a69946df099da59adec0b52da0ac.tar.xz