wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Document the checks made for incoming PDUs

Browse source
This commit is contained in:
Erik Johnston 2018-12-13 14:11:03 +00:00
parent 0f7e285f15
commit ee9c010c37
1 changed files with 16 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

18
specification/server_server_api.rst
View file

@ -334,8 +334,22 @@ Authorization of PDUs
~~~~~~~~~~~~~~~~~~~~~
Whenever a server receives an event from a remote server, the receiving server
must check that the event is allowed by the authorization rules. These rules
depend on the state of the room at that event.
must ensure that the event:
1. Is a valid event, otherwise it is dropped
2. Passes signature checks, otherwise it is dropped.
3. Passes hash checks, otherwise it is redacted before being processed
further.
4. Passes authorization rules based on the event's auth events, otherwise it
is rejected.
5. Passes authorization rules based on the state at the event, otherwise it
is rejected.
6. Passes auth rules based on the current state of the room, otherwise it
is "soft failed".
Further details of these checks, and how to handle failures, are described
below.
Definitions
+++++++++++