summary refs log tree commit diff
path: root/synapse/rest/consent
diff options
context:
space:
mode:
authorPatrick Cloke <patrickc@matrix.org>2020-07-01 09:10:23 -0400
committerPatrick Cloke <patrickc@matrix.org>2020-07-02 09:58:31 -0400
commitea26e9a98b0541fc886a1cb826a38352b7599dbe (patch)
tree4bd1846684cbbc1b9db97f3f5671f1e0cd54e1b2 /synapse/rest/consent
parentFix changelog wording (diff)
downloadsynapse-ea26e9a98b0541fc886a1cb826a38352b7599dbe.tar.xz
Ensure that HTML pages served from Synapse include headers to avoid embedding.
Diffstat (limited to 'synapse/rest/consent')
-rw-r--r--synapse/rest/consent/consent_resource.py10
1 files changed, 3 insertions, 7 deletions
diff --git a/synapse/rest/consent/consent_resource.py b/synapse/rest/consent/consent_resource.py
index 1ddf9997ff..4a20282d1b 100644
--- a/synapse/rest/consent/consent_resource.py
+++ b/synapse/rest/consent/consent_resource.py
@@ -29,7 +29,7 @@ from synapse.api.errors import NotFoundError, StoreError, SynapseError
 from synapse.config import ConfigError
 from synapse.http.server import (
     DirectServeResource,
-    finish_request,
+    respond_with_html,
     wrap_html_request_handler,
 )
 from synapse.http.servlet import parse_string
@@ -197,12 +197,8 @@ class ConsentResource(DirectServeResource):
         template_html = self._jinja_env.get_template(
             path.join(TEMPLATE_LANGUAGE, template_name)
         )
-        html_bytes = template_html.render(**template_args).encode("utf8")
-
-        request.setHeader(b"Content-Type", b"text/html; charset=utf-8")
-        request.setHeader(b"Content-Length", b"%i" % len(html_bytes))
-        request.write(html_bytes)
-        finish_request(request)
+        html = template_html.render(**template_args)
+        respond_with_html(request, 200, html)
 
     def _check_hash(self, userid, userhmac):
         """