summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--docs/sample_config.yaml7
-rw-r--r--synapse/config/repository.py7
2 files changed, 10 insertions, 4 deletions
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml
index 0589734b8a..6ed75ff764 100644
--- a/docs/sample_config.yaml
+++ b/docs/sample_config.yaml
@@ -521,8 +521,11 @@ uploads_path: "DATADIR/uploads"
 # synapse to issue arbitrary GET requests to your internal services,
 # causing serious security issues.
 #
-# This must be specified if url_preview_enabled. It is recommended that you
-# uncomment the following list as a starting point.
+# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
+# listed here, since they correspond to unroutable addresses.)
+#
+# This must be specified if url_preview_enabled is set. It is recommended that 
+# you uncomment the following list as a starting point.
 #
 #url_preview_ip_range_blacklist:
 #  - '127.0.0.0/8'
diff --git a/synapse/config/repository.py b/synapse/config/repository.py
index d155d69d8a..fbfcecc240 100644
--- a/synapse/config/repository.py
+++ b/synapse/config/repository.py
@@ -279,8 +279,11 @@ class ContentRepositoryConfig(Config):
         # synapse to issue arbitrary GET requests to your internal services,
         # causing serious security issues.
         #
-        # This must be specified if url_preview_enabled. It is recommended that you
-        # uncomment the following list as a starting point.
+        # (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
+        # listed here, since they correspond to unroutable addresses.)
+        #
+        # This must be specified if url_preview_enabled is set. It is recommended that
+        # you uncomment the following list as a starting point.
         #
         #url_preview_ip_range_blacklist:
         #  - '127.0.0.0/8'