diff options
author | Brendan Abolivier <babolivier@matrix.org> | 2020-04-21 16:33:01 +0200 |
---|---|---|
committer | Brendan Abolivier <babolivier@matrix.org> | 2020-04-22 23:38:42 +0200 |
commit | 69ad7cc13bf2e2499c39daa4a2707421ad999762 (patch) | |
tree | af87771e54e4a52db8a04dc60216f19d8a90ad99 /docs/sample_config.yaml | |
parent | matrix.org was fine (diff) | |
download | synapse-69ad7cc13bf2e2499c39daa4a2707421ad999762.tar.xz |
Config option to inhibit 3PID errors on /requestToken
Adds a request_token_inhibit_errors configuration flag (disabled by default) which, if enabled, change the behaviour of all /requestToken endpoints so that they return a 200 and a fake sid if the 3PID was/was not found associated with an account (depending on the endpoint), instead of an error. Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Diffstat (limited to 'docs/sample_config.yaml')
-rw-r--r-- | docs/sample_config.yaml | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml index 2ff0dd05a2..abe03b2267 100644 --- a/docs/sample_config.yaml +++ b/docs/sample_config.yaml @@ -409,6 +409,16 @@ retention: # longest_max_lifetime: 1y # interval: 1d +# Inhibits the /requestToken endpoints from returning an error that might leak +# information about whether an e-mail address is in use or not on this +# homeserver. +# Note that for some endpoints the error situation is the e-mail already being +# used, and for others the error is entering the e-mail being unused. +# If this option is enabled, instead of returning an error, these endpoints will +# act as if no error happened and return a fake session ID ('sid') to clients. +# +#request_token_inhibit_3pid_errors: true + ## TLS ## |