wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #2343 from matrix-org/travis/spec/fix-2120

Browse source 
Recommend that clients don't preview URLs in encrypted rooms
This commit is contained in:
Travis Ralston 2019-11-06 09:50:36 -07:00 committed by GitHub
commit 8e6e47ae7d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
api/client-server/content-repo.yaml
View file

@ -340,6 +340,16 @@ paths:
"/preview_url": "/preview_url":
get: get:
summary: "Get information about a URL for a client" summary: "Get information about a URL for a client"
description: |-
Get information about a URL for the client. Typically this is called when a
client sees a URL in a message and wants to render a preview for the user.
.. Note::
Clients should consider avoiding this endpoint for URLs posted in encrypted
rooms. Encrypted rooms often contain more sensitive information the users
do not want to share with the homeserver, and this can mean that the URLs
being shared should also not be shared with the homeserver.
operationId: getUrlPreview operationId: getUrlPreview
produces: ["application/json"] produces: ["application/json"]
security: security:

1
changelogs/client_server/newsfragments/2343.clarification Normal file
View file

@ -0,0 +1 @@
Clarify that clients should consider not requesting URL previews in encrypted rooms.