summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
authorAndrew Morgan <1342360+anoadragon453@users.noreply.github.com>2019-09-20 14:58:37 +0100
committerGitHub <noreply@github.com>2019-09-20 14:58:37 +0100
commit7763dd3e9592909cfe3d7763f4a68b8135fc2bdc (patch)
treeb128227a4796efd11a0ad16ef168ac40e47cbb5c /synapse
parentEnsure email validation link parameters are URL-encoded (#6063) (diff)
downloadsynapse-7763dd3e9592909cfe3d7763f4a68b8135fc2bdc.tar.xz
Remove trailing slash ability from password reset's submit_token endpoint (#6074)
Remove trailing slash ability from the password reset submit_token endpoint. Since we provide the link in an email, and have never sent it with a trailing slash, there's no point for us to accept them on the endpoint.
Diffstat (limited to 'synapse')
-rw-r--r--synapse/rest/client/v2_alpha/account.py2
1 files changed, 1 insertions, 1 deletions
diff --git a/synapse/rest/client/v2_alpha/account.py b/synapse/rest/client/v2_alpha/account.py
index 1791f4d79b..3c5b23dc80 100644
--- a/synapse/rest/client/v2_alpha/account.py
+++ b/synapse/rest/client/v2_alpha/account.py
@@ -200,7 +200,7 @@ class PasswordResetSubmitTokenServlet(RestServlet):
     """Handles 3PID validation token submission"""
 
     PATTERNS = client_patterns(
-        "/password_reset/(?P<medium>[^/]*)/submit_token/*$", releases=(), unstable=True
+        "/password_reset/(?P<medium>[^/]*)/submit_token$", releases=(), unstable=True
     )
 
     def __init__(self, hs):