* MSC4260: Reporting users (Client-Server API)
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
* Add changelog
* Update data/api/client-server/report_content.yaml
Co-authored-by: Kévin Commaille <76261501+zecakeh@users.noreply.github.com>
* Move option to consistently respond with 200 to user reporting endpoint
* Move optional random delay to event and user reporting endpoints
* Make reason required for user and room reports
* Fix requiredness syntax
---------
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
Co-authored-by: Kévin Commaille <76261501+zecakeh@users.noreply.github.com>
* Use json instead of json5 for syntax highlighting
Chroma, the library used for syntax highlighting in Hugo, does not support JSON5 so those code blocks were not highlighted.
However it supports comments in JSON so they are highlighted correctly in the rendered spec.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---------
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
The first commit allows to lazy-load the diagrams, which should improve the loading time of the CS API on mobile. In the process it also improves the alt text of the images.
The second commit serves the diagrams as high-resolution WebPs. Encoding a high resolution diagram as WebP gives a file of approximately the same size as the lower resolution PNG. For maximum compatibility we also serve them as a lower resolution WebP and a fallback PNG. WebP was chosen because it is one of the export formats of draw.io/diagrams.net, and it is widely available in modern browsers.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
The `<>` delimiters are not necessary for the shortcode to be rendered inline, and in some cases they break some expectations: a shortcode that is separated from other text to be in its own paragraph is not actually wrapped by a `p` element, breaking the spacing between paragraphs.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Allow to specify a prefix for generated HTML IDs of API endpoints
Allows to deduplicate IDs of duplicate endpoints
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---------
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Include method in all API endpoint children's IDs
Avoids duplicate IDs for object of endpoints
that use the same path but a different method.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Differentiate API endpoints' request and response children's IDs
Ensures that the objects have a unique ID compared to other parts of the endpoint.
Mostly useful for the Error type that can be used for responses with different status codes.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Differentiate the names of both SessionData formats
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---------
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add tr as child of thead in HTML tables
It is invalid HTML for th to be the direct children of thead
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Remove unnecessary HTML code end tag
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Avoid nesting p HTML elements
A p HTML element cannot contain other block elements,
so the "parent" element is closed when the first "child" one is opened.
We need to use Page.RenderString with options
to force Hugo to keep the wrapping p elements
even if the content contains a single paragraph.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add missing HTML details end tags
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Replace HTML a self-closing tag with start and end tags
The a element start and end tags are mandatory.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Replace obsolete HTML name attribute with id
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* C2S: Deprecate now-legacy endpoints
* C2S: Fix MXC URI code block while we're here
* C2S: Describe the authentication and deprecation requirements
* C2S: Intro the upload/download endpoints differently
* C2S: Literally copy/paste the `content-repo.yaml` spec
* C2S: Drop `/upload` and `/create` because we aren't replacing them today
* C2S: Fix notes while we're here
* C2S: Update metadata for new endpoints
* C2S: Add authentication to new endpoints
* C2S: Drop `allow_remote` and `allow_redirect` on new endpoints
* C2S: Append backwards compatibility notes
* C2S: Decorate old media endpoints with pointers to the new ones
The server-server spec might have a harder time linking to these, but that can be fixed with verbiage.
* C2S: Annotate IdP icon spec with media auth implications
* S2S: Modernize section text
* S2S: Create content repository API
This is largely a copy/paste of the new authed content repo API in the Client-Server API, though some keywords (like "client") have been changed. Paths and response formats have also been changed to support the federation-specific requirements.
* C2S & S2S: Add plethora of changelogs
* Reference RFC 1341
* Upgrade keywords in changed text
* Mention caching
* Cross-reference IdP icons
* Update content/client-server-api/modules/content_repo.md
Also, some other editorial improvements, including factoring out our two definitions of the same key encoding algorithm.
Co-authored-by: Travis Ralston <travisr@matrix.org>
Since we already have three of these, and I'm about to add a fourth, let's pull
it out to a common definition.
We could, of course, keep defining the grammar each time it's used, but
defining it in an appendix helps us be consistent for future API design.
* Deprecate the `font` HTML tag
Rationale:
MSC4077 allows to deprecate HTML tags
that are deprecated in the WHATWG standard,
if they can be replaced by tags with the same feature.
`font` is deprecated and can be replaced by `span`
with the `data-mx-bg-color` and `data-mx-color` attributes.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add deprecation info box
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---------
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add missing 'in' in SSO specification
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
* Use standard changelog entry for typos
---------
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
* Use `body` field as media caption
As per MSC2530.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Use `s` HTML tag in example
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Move changed-in annotation
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---------
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* clarify otk and fallback key types in examples
- remove unsigned curve25519 keys from examples because we don't use those for
otks and fallback keys
- add missing `device_unused_fallback_key_types` property, which is required
* add changelog
* Clarify that the key backup MAC is implemented incorrectly
Due to a bug in libolm, all implementations of the
m.megolm_backup.v1.curve25519-aes-sha2 key backup algorithm incorrectly
pass an empty string through HMAC-SHA-256 to generate the `mac` property
of the `session_data`.
It was intended for the entire raw encrypted data to be passed through
HMAC-SHA-256, but the issue was caught too late in the process, and thus
we are stuck with this until a new key backup algorithm is introduced.
This commit clarifies the real-world behavior of all current
implementations.
Signed-off-by: Sumner Evans <sumner@beeper.com>
