Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Disable media federation #15579

Open
catfromplan9 opened this issue May 12, 2023 · 3 comments
Open

Disable media federation #15579

catfromplan9 opened this issue May 12, 2023 · 3 comments
Labels
A-Media-Repository Uploading, downloading images and video, thumbnailing A-Moderation Tools for moderating HSes: event redaction, media removal, purge admin API, reports from users, ... S-Minor Blocks non-critical functionality, workarounds exist. T-Enhancement New features, changes in functionality, improvements in performance, or user-facing enhancements. Z-Spec-Blocked This change is blocked on specification (e.g. an MSC).

Comments

@catfromplan9
Copy link

catfromplan9 commented May 12, 2023
edited
Loading

Description:

When a remote media MXC is requested, provided this feature is enabled, redirect to the same resource on the homeserver it is hosted on. Do not mirror content.

I need this feature added to resolve the fact that malicious individuals are federating illegal content onto my private matrix homeserver and reporting it to my VPS.

An alternative would be to require an access token be passed when attempting to download remote media.
@dklimpel
Copy link
Contributor

Are you looking for this?

@catfromplan9
Copy link
Author

Are you looking for this?

* [Add config option to prevent media downloads from listed domains. #15197](https://github.com/matrix-org/synapse/pull/15197)

Yes, thanks

@MatMaul MatMaul added A-Media-Repository Uploading, downloading images and video, thumbnailing A-Moderation Tools for moderating HSes: event redaction, media removal, purge admin API, reports from users, ... S-Minor Blocks non-critical functionality, workarounds exist. T-Enhancement New features, changes in functionality, improvements in performance, or user-facing enhancements. Z-Spec-Blocked This change is blocked on specification (e.g. an MSC). labels May 12, 2023
@catfromplan9
Copy link
Author

Description:

When a remote media MXC is requested, provided this feature is enabled, redirect to the same resource on the homeserver it is hosted on. Do not mirror content.

I need this feature added to resolve the fact that malicious individuals are federating illegal content onto my private matrix homeserver and reporting it to my VPS.

An alternative would be to require an access token be passed when attempting to download remote media.

For now, I have implemented this by writing my own python webserver and adding nginx config option for proxying to it when applicable. It works fine on all the clients and I think merging the functionality into synapse as a toggleable feature would be great

@matrixbot matrixbot mentioned this issue Dec 21, 2023
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
A-Media-Repository Uploading, downloading images and video, thumbnailing A-Moderation Tools for moderating HSes: event redaction, media removal, purge admin API, reports from users, ... S-Minor Blocks non-critical functionality, workarounds exist. T-Enhancement New features, changes in functionality, improvements in performance, or user-facing enhancements. Z-Spec-Blocked This change is blocked on specification (e.g. an MSC).
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@MatMaul @dklimpel @catfromplan9