Config option to inhibit 3PID errors on /requestToken

Adds a request_token_inhibit_errors configuration flag (disabled by default) which, if enabled, change the behaviour of all /requestToken endpoints so that they return a 200 and a fake sid if the 3PID was/was not found associated with an account (depending on the endpoint), instead of an error. Co-Authored-By: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
author: Brendan Abolivier <babolivier@matrix.org> 2020-04-21 16:33:01 +0200
committer: Brendan Abolivier <babolivier@matrix.org> 2020-04-22 23:38:42 +0200
commit: 69ad7cc13bf2e2499c39daa4a2707421ad999762 (patch)
tree: af87771e54e4a52db8a04dc60216f19d8a90ad99 /docs
parent: matrix.org was fine (diff)
download: synapse-69ad7cc13bf2e2499c39daa4a2707421ad999762.tar.xz
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml
index 2ff0dd05a2..abe03b2267 100644
--- a/docs/sample_config.yaml
+++ b/docs/sample_config.yaml
@@ -409,6 +409,16 @@ retention:
   #    longest_max_lifetime: 1y
   #    interval: 1d
 
+# Inhibits the /requestToken endpoints from returning an error that might leak
+# information about whether an e-mail address is in use or not on this
+# homeserver.
+# Note that for some endpoints the error situation is the e-mail already being
+# used, and for others the error is entering the e-mail being unused.
+# If this option is enabled, instead of returning an error, these endpoints will
+# act as if no error happened and return a fake session ID ('sid') to clients.
+#
+#request_token_inhibit_3pid_errors: true
+
 
 ## TLS ##
author	Brendan Abolivier <babolivier@matrix.org>	2020-04-21 16:33:01 +0200
committer	Brendan Abolivier <babolivier@matrix.org>	2020-04-22 23:38:42 +0200
commit	69ad7cc13bf2e2499c39daa4a2707421ad999762 (patch)
tree	af87771e54e4a52db8a04dc60216f19d8a90ad99 /docs
parent	matrix.org was fine (diff)
download	synapse-69ad7cc13bf2e2499c39daa4a2707421ad999762.tar.xz