diff options
author | Richard van der Hoff <richard@matrix.org> | 2017-11-10 12:39:45 +0000 |
---|---|---|
committer | Richard van der Hoff <richard@matrix.org> | 2017-11-10 12:39:45 +0000 |
commit | e508145c9b4b57d3e92df65bc768107e043e6399 (patch) | |
tree | 87954e920a5beced19dcb73fa9944f5ff4db2264 /synapse/rest | |
parent | Downcase userids for shared-secret registration (diff) | |
download | synapse-e508145c9b4b57d3e92df65bc768107e043e6399.tar.xz |
Add some more comments appservice user registration
Explain why we don't validate userids registered via app services
Diffstat (limited to 'synapse/rest')
-rw-r--r-- | synapse/rest/client/v2_alpha/register.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py index b3d918080d..9e2f7308ce 100644 --- a/synapse/rest/client/v2_alpha/register.py +++ b/synapse/rest/client/v2_alpha/register.py @@ -225,7 +225,10 @@ class RegisterRestServlet(RestServlet): # fallback to 'username' if they gave one. desired_username = body.get("user", desired_username) - # XXX we should check that desired_username is valid + # XXX we should check that desired_username is valid. Currently + # we give appservices carte blanche for any insanity in mxids, + # because the IRC bridges rely on being able to register stupid + # IDs. access_token = get_access_token_from_request(request) |