diff options
| author | H-Shay <H-Shay@users.noreply.github.com> | 2023-08-03 18:44:58 +0000 |
|---|---|---|
| committer | H-Shay <H-Shay@users.noreply.github.com> | 2023-08-03 18:44:58 +0000 |
| commit | 96f4888a15de80752b7c1a9c6c07ec7610e09cce (patch) | |
| tree | cbd991e58850c1ec9d9cdf666f3137f292969bee /develop/print.html | |
| parent | deploy: f0a860908ba0309c89c9dba452d99b4f9c6928f7 (diff) | |
| download | synapse-96f4888a15de80752b7c1a9c6c07ec7610e09cce.tar.xz | |
deploy: 0a5f4f766514b84aff84ff17dffd5301a437c797
Diffstat (limited to 'develop/print.html')
| -rw-r--r-- | develop/print.html | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/develop/print.html b/develop/print.html index aed01ff53e..f7320771b7 100644 --- a/develop/print.html +++ b/develop/print.html @@ -1779,6 +1779,17 @@ dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb </code></pre> </li> </ul> +<h1 id="upgrading-to-v1900"><a class="header" href="#upgrading-to-v1900">Upgrading to v1.90.0</a></h1> +<h2 id="app-service-query-parameter-authorization-is-now-a-configuration-option"><a class="header" href="#app-service-query-parameter-authorization-is-now-a-configuration-option">App service query parameter authorization is now a configuration option</a></h2> +<p>Synapse v1.81.0 deprecated application service authorization via query parameters as this is +considered insecure - and from Synapse v1.71.0 forwards the application service token has also been sent via +<a href="https://spec.matrix.org/v1.6/application-service-api/#authorization">the <code>Authorization</code> header</a>], making the insecure +query parameter authorization redundant. Since removing the ability to continue to use query parameters could break +backwards compatibility it has now been put behind a configuration option, <code>use_appservice_legacy_authorization</code>.<br /> +This option defaults to false, but can be activated by adding </p> +<pre><code class="language-yaml">use_appservice_legacy_authorization: true +</code></pre> +<p>to your configuration.</p> <h1 id="upgrading-to-v1890"><a class="header" href="#upgrading-to-v1890">Upgrading to v1.89.0</a></h1> <h2 id="removal-of-unspecced-user-property-for-register"><a class="header" href="#removal-of-unspecced-user-property-for-register">Removal of unspecced <code>user</code> property for <code>/register</code></a></h2> <p>Application services can no longer call <code>/register</code> with a <code>user</code> property to create new users. @@ -6030,6 +6041,15 @@ Implicitly enables MAU tracking for application service users.</p> <pre><code class="language-yaml">track_appservice_user_ips: true </code></pre> <hr /> +<h3 id="use_appservice_legacy_authorization"><a class="header" href="#use_appservice_legacy_authorization"><code>use_appservice_legacy_authorization</code></a></h3> +<p>Whether to send the application service access tokens via the <code>access_token</code> query parameter +per older versions of the Matrix specification. Defaults to false. Set to true to enable sending +access tokens via a query parameter.</p> +<p>**Enabling this option is considered insecure and is not recommended. **</p> +<p>Example configuration:</p> +<pre><code class="language-yaml">use_appservice_legacy_authorization: true +</code></pre> +<hr /> <h3 id="macaroon_secret_key"><a class="header" href="#macaroon_secret_key"><code>macaroon_secret_key</code></a></h3> <p>A secret which is used to sign</p> <ul> |