From 871c10577e9fe978ca86cf1775d64a97927014dd Mon Sep 17 00:00:00 2001
From: Johannes Marbach
Date: Mon, 7 Oct 2024 11:45:17 +0200
Subject: [PATCH] MSC4170: 403 error responses for profile APIs (#1867)
Signed-off-by: Johannes Marbach
---
.../client_server/newsfragments/1867.feature | 1 +
.../server_server/newsfragments/1867.feature | 1 +
content/client-server-api/_index.md | 20 ++++++++++++-
data/api/client-server/profile.yaml | 30 ++++++++++++++++++-
data/api/server-server/query.yaml | 17 +++++++++++
5 files changed, 67 insertions(+), 2 deletions(-)
create mode 100644 changelogs/client_server/newsfragments/1867.feature
create mode 100644 changelogs/server_server/newsfragments/1867.feature
diff --git a/changelogs/client_server/newsfragments/1867.feature b/changelogs/client_server/newsfragments/1867.feature
new file mode 100644
index 00000000..24d6aa52
--- /dev/null
+++ b/changelogs/client_server/newsfragments/1867.feature
@@ -0,0 +1 @@
+Add 403 responses on `/profile/{userId}/avatar_url` and `/profile/{userId}/displayname` as per [MSC4170](https://github.com/matrix-org/matrix-spec-proposals/pull/4170).
diff --git a/changelogs/server_server/newsfragments/1867.feature b/changelogs/server_server/newsfragments/1867.feature
new file mode 100644
index 00000000..8217afb3
--- /dev/null
+++ b/changelogs/server_server/newsfragments/1867.feature
@@ -0,0 +1 @@
+Add 403 response on `/query/profile` as per [MSC4170](https://github.com/matrix-org/matrix-spec-proposals/pull/4170).
diff --git a/content/client-server-api/_index.md b/content/client-server-api/_index.md
index e9efe8ec..0fd5f6b0 100644
--- a/content/client-server-api/_index.md
+++ b/content/client-server-api/_index.md
@@ -2753,7 +2753,25 @@ re-invited. {{% http-api spec="client-server" api="profile" %}} -#### Events on Change of Profile Information +#### Server behaviour + +Homeservers MUST at a minimum allow profile look-up for: + +- users that share a room with the requesting user +- users that reside in public rooms known to the homeserver + +In all other cases, homeservers MAY deny profile look-up by responding with +403 and an error code of `M_FORBIDDEN`. + +When a remote user is queried and the query is not denied per the above, +homeservers SHOULD query the remote server for the user's profile information. +The remote server MAY itself deny profile queries over federation, however. + +When the requested user does not exist, homeservers MAY choose whether to +respond with 403 or 404. If the server denies profile look-up in all but the +required cases, 403 is RECOMMENDED. + +##### Events on Change of Profile Information Because the profile display name and avatar information are likely to be used in many places of a client's display, changes to these fields cause diff --git a/data/api/client-server/profile.yaml b/data/api/client-server/profile.yaml index 1a55084c..6e588ae3 100644 --- a/data/api/client-server/profile.yaml +++ b/data/api/client-server/profile.yaml @@ -98,6 +98,20 @@ paths: value: { "displayname": "Alice Margatroid" } + "403": + x-addedInMatrixVersion: "1.12" + description: The server is unwilling to disclose whether the user exists and/or + has a display name. + content: + application/json: + schema: + $ref: definitions/errors/error.yaml + examples: + response: + value: { + "errcode": "M_FORBIDDEN", + "error": "Profile lookup is disabled on this homeserver" + } "404": description: There is no display name for this user or this user does not exist. tags: 
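Review bot: The new `403` description on `/profile/{userId}/displayname` says the server is unwilling to disclose whether the user exists, but the untouched `404` directly below it still reads "this user does not exist", and nothing in the response text says the 403 has to be returned for existing and non-existing users alike. A server that answers 403 for a hidden real account and 404 for an unknown one lets a caller tell the two apart by status code alone, which defeats the stated purpose. The prose added to `_index.md` in this commit only RECOMMENDS 403 for the non-existent case, and an implementer reading just the OpenAPI file will not see it. I would carry it into the description, e.g. `Servers that use this response to hide a user's existence should return it whether or not the user exists.` The same applies to the `avatar_url` 403 at `@@ -185,6 +199,20 @@` and to the federation 403 added in `query.yaml`.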
@@ -185,6 +199,20 @@ paths: value: { "avatar_url": "mxc://matrix.org/SDGdghriugerRg" } + "403": + x-addedInMatrixVersion: "1.12" + description: The server is unwilling to disclose whether the user exists and/or + has an avatar URL. + content: + application/json: + schema: + $ref: definitions/errors/error.yaml + examples: + response: + value: { + "errcode": "M_FORBIDDEN", + "error": "Profile lookup is disabled on this homeserver" + } "404": description: There is no avatar URL for this user or this user does not exist. tags: @@ -239,7 +267,7 @@ paths: response: value: { "errcode": "M_FORBIDDEN", - "error": "Profile lookup over federation is disabled on this homeserver" + "error": "Profile lookup is disabled on this homeserver" } "404": description: There is no profile information for this user or this user does not diff --git a/data/api/server-server/query.yaml b/data/api/server-server/query.yaml index 16ed5e40..cc678208 100644 --- a/data/api/server-server/query.yaml +++ b/data/api/server-server/query.yaml @@ -117,6 +117,9 @@ paths: Servers may wish to cache the response to this query to avoid requesting the information too often. + + Servers MAY deny profile look-up over federation by responding with 403 and an + error code of `M_FORBIDDEN`. operationId: queryProfile security: - signedRequest: [] @@ -172,6 +175,20 @@ paths: "displayname": "John Doe", "avatar_url": "mxc://matrix.org/MyC00lAvatar" } + "403": + x-addedInMatrixVersion: "1.12" + description: The server is unwilling to disclose whether the user exists and/or + has profile information. + content: + application/json: + schema: + $ref: ../client-server/definitions/errors/error.yaml + examples: + response: + value: { + "errcode": "M_FORBIDDEN", + "error": "Profile lookup over federation is disabled on this homeserver" + } "404": description: The user does not exist or does not have a profile. content:
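Review bot: The example text `"Profile lookup is disabled on this homeserver"` introduced at `@@ -239,7 +267,7 @@` reads as a homeserver-wide switch, yet the `_index.md` section added in this commit says homeservers MUST still allow look-up for users who share a room with the requester or reside in public rooms, so on the client-server API this 403 is a per-request decision. Example strings tend to be copied into implementations, and one that describes a global toggle contradicts the normative text. Something like `"error": "Profile lookup is not permitted for this user"` would fit, provided the same string is used whether or not the user exists. It applies equally to the two new 403 examples at `@@ -98,6 +98,20 @@` and `@@ -185,6 +199,20 @@`. The response this hunk edits begins above the visible context, so its description could not be checked against the new wording.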