master/synapse
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
b596faa4ec
synapse/tests/rest
History
Eric Eastwood 6f9fab1089
Fix open redirect in legacy SSO flow (idp) (#18909) 
- Validate the `idp` parameter to only accept the ones that are known in
the config file
- URL-encode the `idp` parameter for safety's sake (this is the main
fix)

Fix https://github.com/matrix-org/internal-config/issues/1651 (internal
link)

Regressed in https://github.com/element-hq/synapse/pull/17972
2025-09-17 13:54:47 -05:00
..
admin Add experimental support for MSC4308: Thread Subscriptions extension to Sliding Sync when MSC4306 and MSC4186 are enabled. (#18695) 2025-09-11 14:45:04 +01:00
client Fix open redirect in legacy SSO flow (idp) (#18909) 2025-09-17 13:54:47 -05:00
key Use twisted.internet.testing module in tests instead of deprecated twisted.test.proto_helpers. (#18728) 2025-07-30 12:32:10 +01:00
media Use twisted.internet.testing module in tests instead of deprecated twisted.test.proto_helpers. (#18728) 2025-07-30 12:32:10 +01:00
synapse Use twisted.internet.testing module in tests instead of deprecated twisted.test.proto_helpers. (#18728) 2025-07-30 12:32:10 +01:00
__init__.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_health.py Correctly mention previous copyright (#16820) 2024-01-23 11:26:48 +00:00
test_well_known.py Format files with Ruff (#17643) 2024-09-02 12:39:04 +01:00