diff options
author | Josh Qou <97894002+joshqou@users.noreply.github.com> | 2023-06-15 14:23:27 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-06-15 14:23:27 +0100 |
commit | d93912042191d30ff1f7aa41d9f0779a609caca8 (patch) | |
tree | 49d29205f6ea94a9d374b382c69a36aad7a276c7 /changelog.d | |
parent | Fix joining rooms through aliases where the alias server isn't a real homeser... (diff) | |
download | synapse-d93912042191d30ff1f7aa41d9f0779a609caca8.tar.xz |
Fix unsafe hotserving behaviour for non-multimedia uploads. (#15680)
* Fix unsafe hotserving behaviour for non-multimedia uploads. * invert disposition assert * test_media_storage.py: run lint * test_base.py: /inline/attachment/s * Only return attachment for disposition type, update tests * Update synapse/media/_base.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * Update changelog.d/15680.bugfix Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * add attribution * Update changelog. --------- Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Diffstat (limited to 'changelog.d')
-rw-r--r-- | changelog.d/15680.bugfix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/15680.bugfix b/changelog.d/15680.bugfix new file mode 100644 index 0000000000..04ac19b4ec --- /dev/null +++ b/changelog.d/15680.bugfix @@ -0,0 +1 @@ +Fix a long-standing bug where media files were served in an unsafe manner. Contributed by @joshqou. |