diff options
author | Denis Kasak <dkasak@termina.org.uk> | 2021-04-19 16:21:46 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-04-19 17:21:46 +0100 |
commit | e694a598f8c948ad177e897c5bedaa71a47add29 (patch) | |
tree | 11a5ff900666d5aa77258ced554a20cb129975f3 /synapse/util | |
parent | Don't send normal presence updates over federation replication stream (#9828) (diff) | |
download | synapse-e694a598f8c948ad177e897c5bedaa71a47add29.tar.xz |
Sanity check identity server passed to bind/unbind. (#9802)
Signed-off-by: Denis Kasak <dkasak@termina.org.uk>
Diffstat (limited to 'synapse/util')
-rw-r--r-- | synapse/util/stringutils.py | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/synapse/util/stringutils.py b/synapse/util/stringutils.py index c0e6fb9a60..cd82777f80 100644 --- a/synapse/util/stringutils.py +++ b/synapse/util/stringutils.py @@ -132,6 +132,38 @@ def parse_and_validate_server_name(server_name: str) -> Tuple[str, Optional[int] return host, port +def valid_id_server_location(id_server: str) -> bool: + """Check whether an identity server location, such as the one passed as the + `id_server` parameter to `/_matrix/client/r0/account/3pid/bind`, is valid. + + A valid identity server location consists of a valid hostname and optional + port number, optionally followed by any number of `/` delimited path + components, without any fragment or query string parts. + + Args: + id_server: identity server location string to validate + + Returns: + True if valid, False otherwise. + """ + + components = id_server.split("/", 1) + + host = components[0] + + try: + parse_and_validate_server_name(host) + except ValueError: + return False + + if len(components) < 2: + # no path + return True + + path = components[1] + return "#" not in path and "?" not in path + + def parse_and_validate_mxc_uri(mxc: str) -> Tuple[str, Optional[int], str]: """Parse the given string as an MXC URI |