summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
authorPatrick Cloke <clokep@users.noreply.github.com>2021-01-13 07:05:16 -0500
committerGitHub <noreply@github.com>2021-01-13 07:05:16 -0500
commit98a64b7f7f256b7afd4a1d735cb32d099e44831a (patch)
treed58c5d8d423a93541d63ace5eb0d0e1be32192d5 /synapse
parentMerge branch 'master' into develop (diff)
downloadsynapse-98a64b7f7f256b7afd4a1d735cb32d099e44831a.tar.xz
Add basic domain validation for `DomainSpecificString.is_valid`. (#9071)
This checks that the domain given to `DomainSpecificString.is_valid` (e.g.
`UserID`, `RoomAlias`, etc.) is of a valid form. Previously some validation
was done on the localpart (e.g. the sigil), but not the domain portion.
Diffstat (limited to 'synapse')
-rw-r--r--synapse/types.py8
1 files changed, 7 insertions, 1 deletions
diff --git a/synapse/types.py b/synapse/types.py

index c7d4e95809..20a43d05bf 100644
--- a/synapse/types.py
+++ b/synapse/types.py
@@ -37,6 +37,7 @@ from signedjson.key import decode_verify_key_bytes
 from unpaddedbase64 import decode_base64
 
 from synapse.api.errors import Codes, SynapseError
+from synapse.http.endpoint import parse_and_validate_server_name
 
 if TYPE_CHECKING:
     from synapse.appservice.api import ApplicationService
@@ -257,8 +258,13 @@ class DomainSpecificString(
 
     @classmethod
     def is_valid(cls: Type[DS], s: str) -> bool:
+        """Parses the input string and attempts to ensure it is valid."""
         try:
-            cls.from_string(s)
+            obj = cls.from_string(s)
+            # Apply additional validation to the domain. This is only done
+            # during  is_valid (and not part of from_string) since it is
+            # possible for invalid data to exist in room-state, etc.
+            parse_and_validate_server_name(obj.domain)
             return True
         except Exception:
             return False
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-03-27 05:12:50 +0000