Remove trailing slash ability from password reset's submit_token endpoint (#6074)

Remove trailing slash ability from the password reset submit_token endpoint. Since we provide the link in an email, and have never sent it with a trailing slash, there's no point for us to accept them on the endpoint.
author: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> 2019-09-20 14:58:37 +0100
committer: GitHub <noreply@github.com> 2019-09-20 14:58:37 +0100
commit: 7763dd3e9592909cfe3d7763f4a68b8135fc2bdc (patch)
tree: b128227a4796efd11a0ad16ef168ac40e47cbb5c /changelog.d
parent: Ensure email validation link parameters are URL-encoded (#6063) (diff)
download: synapse-7763dd3e9592909cfe3d7763f4a68b8135fc2bdc.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/6074.feature b/changelog.d/6074.feature
new file mode 100644
index 0000000000..b7aa9c99d8
--- /dev/null
+++ b/changelog.d/6074.feature
@@ -0,0 +1 @@
+Prevent password reset's submit_token endpoint from accepting trailing slashes.
\ No newline at end of file
author	Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>	2019-09-20 14:58:37 +0100
committer	GitHub <noreply@github.com>	2019-09-20 14:58:37 +0100
commit	7763dd3e9592909cfe3d7763f4a68b8135fc2bdc (patch)
tree	b128227a4796efd11a0ad16ef168ac40e47cbb5c /changelog.d
parent	Ensure email validation link parameters are URL-encoded (#6063) (diff)
download	synapse-7763dd3e9592909cfe3d7763f4a68b8135fc2bdc.tar.xz