summary refs log tree commit diff
path: root/docs/upgrade.md
diff options
context:
space:
mode:
authorShay <hillerys@element.io>2023-08-03 11:43:51 -0700
committerGitHub <noreply@github.com>2023-08-03 11:43:51 -0700
commit0a5f4f766514b84aff84ff17dffd5301a437c797 (patch)
treea7909bcb2d741ba0fb4d9787ae633d974c64add5 /docs/upgrade.md
parentAllow config of the backoff algorithm for the federation client. (#15754) (diff)
downloadsynapse-0a5f4f766514b84aff84ff17dffd5301a437c797.tar.xz
Move support for application service query parameter authorization behind a configuration option (#16017)
Diffstat (limited to 'docs/upgrade.md')
-rw-r--r--docs/upgrade.md16
1 files changed, 15 insertions, 1 deletions
diff --git a/docs/upgrade.md b/docs/upgrade.md
index 5dde6c769e..f50a279e98 100644
--- a/docs/upgrade.md
+++ b/docs/upgrade.md
@@ -88,6 +88,21 @@ process, for example:
     dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb
     ```
 
+# Upgrading to v1.90.0
+
+## App service query parameter authorization is now a configuration option
+
+Synapse v1.81.0 deprecated application service authorization via query parameters as this is
+considered insecure - and from Synapse v1.71.0 forwards the application service token has also been sent via 
+[the `Authorization` header](https://spec.matrix.org/v1.6/application-service-api/#authorization)], making the insecure
+query parameter authorization redundant. Since removing the ability to continue to use query parameters could break 
+backwards compatibility it has now been put behind a configuration option, `use_appservice_legacy_authorization`.  
+This option defaults to false, but can be activated by adding 
+```yaml
+use_appservice_legacy_authorization: true 
+```
+to your configuration.
+
 # Upgrading to v1.89.0
 
 ## Removal of unspecced `user` property for `/register`
@@ -97,7 +112,6 @@ The standard `username` property should be used instead. See the
 [Application Service specification](https://spec.matrix.org/v1.7/application-service-api/#server-admin-style-permissions)
 for more information.
 
-
 # Upgrading to v1.88.0
 
 ## Minimum supported Python version