-
-
Notifications
You must be signed in to change notification settings - Fork 828
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use OPTIONS for sliding sync detection poke #12492
Conversation
This avoids unintended consequences, including high resource usage, which would accompany a "full" sync request. Instead, we just grab headers and enough information for CORS to pass, revealing likely support. Fixes element-hq/element-web#27426
for the record, I tested this against my own sliding sync proxy and it returned 200 OK to options without stealing the token, as expected. I don't believe we've got a test harness for the proxy set up, but ideally that would be proven with tests. |
I don't know what I did to deserve this failure mode - if folks have ideas, please let me know. |
The `OPTIONS` approach from #12492 doesn't work because Synapse *always* responds with 204 (success) to `OPTIONS` requests, as described here: element-hq/synapse#17153 We further can't use `HEAD` because it's not part of the allowed CORS methods, meaning the browser will mask the exact status code and error message from us, and the proxy hangs on the request anyways: matrix-org/sliding-sync#429 To avoid these problems, we instead search for an unstable feature flag to be exposed by the server. Presence of this flag denotes native support. See https://github.com/matrix-org/matrix-spec-proposals/pull/3575/files#r1588877046 for details. Implementations which support sliding sync natively will need to update to support this new unstable feature flag usage.
The |
…12498) * Check native sliding sync support against an unstable feature flag The `OPTIONS` approach from #12492 doesn't work because Synapse *always* responds with 204 (success) to `OPTIONS` requests, as described here: element-hq/synapse#17153 We further can't use `HEAD` because it's not part of the allowed CORS methods, meaning the browser will mask the exact status code and error message from us, and the proxy hangs on the request anyways: matrix-org/sliding-sync#429 To avoid these problems, we instead search for an unstable feature flag to be exposed by the server. Presence of this flag denotes native support. See https://github.com/matrix-org/matrix-spec-proposals/pull/3575/files#r1588877046 for details. Implementations which support sliding sync natively will need to update to support this new unstable feature flag usage. * Appease the linter * Appease the tests
This avoids unintended consequences, including high resource usage, which would accompany a "full" sync request. Instead, we just grab headers and enough information for CORS to pass, revealing likely support.
Fixes element-hq/element-web#27426
Requires matrix-org/matrix-js-sdk#4188
Checklist
public
/exported
symbols have accurate TSDoc documentation.