more config comment updates

author: Richard van der Hoff <richard@matrix.org> 2019-05-03 15:50:59 +0100
committer: Richard van der Hoff <richard@matrix.org> 2019-05-03 15:50:59 +0100
commit: 1565ebec2c7aa9f6f2a8b60227b405cae12e7170 (patch)
tree: 62527d05d9aa64869b469f33af6db5d291720e3e /synapse/config
parent: Blacklist 0.0.0.0 and :: by default for URL previews (diff)
download: synapse-1565ebec2c7aa9f6f2a8b60227b405cae12e7170.tar.xz
1 files changed, 5 insertions, 2 deletions
diff --git a/synapse/config/repository.py b/synapse/config/repository.py
index d155d69d8a..fbfcecc240 100644
--- a/synapse/config/repository.py
+++ b/synapse/config/repository.py
@@ -279,8 +279,11 @@ class ContentRepositoryConfig(Config):
         # synapse to issue arbitrary GET requests to your internal services,
         # causing serious security issues.
         #
-        # This must be specified if url_preview_enabled. It is recommended that you
-        # uncomment the following list as a starting point.
+        # (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
+        # listed here, since they correspond to unroutable addresses.)
+        #
+        # This must be specified if url_preview_enabled is set. It is recommended that
+        # you uncomment the following list as a starting point.
         #
         #url_preview_ip_range_blacklist:
         #  - '127.0.0.0/8'
author	Richard van der Hoff <richard@matrix.org>	2019-05-03 15:50:59 +0100
committer	Richard van der Hoff <richard@matrix.org>	2019-05-03 15:50:59 +0100
commit	1565ebec2c7aa9f6f2a8b60227b405cae12e7170 (patch)
tree	62527d05d9aa64869b469f33af6db5d291720e3e /synapse/config
parent	Blacklist 0.0.0.0 and :: by default for URL previews (diff)
download	synapse-1565ebec2c7aa9f6f2a8b60227b405cae12e7170.tar.xz