Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Make /config more CORS-y #4279

Merged
merged 4 commits into from
Dec 10, 2018
Merged

Make /config more CORS-y #4279

merged 4 commits into from
Dec 10, 2018

Conversation

Half-Shot
Copy link
Collaborator

This should fix #4278

@Half-Shot Half-Shot requested a review from a team December 9, 2018 13:27
@codecov-io
Copy link

codecov-io commented Dec 9, 2018
edited
Loading

Codecov Report

Merging #4279 into develop will not change coverage.
The diff coverage is 100%.

Impacted file tree graph

@@           Coverage Diff            @@
##           develop    #4279   +/-   ##
========================================
  Coverage    73.47%   73.47%           
========================================
  Files          302      302           
  Lines        29892    29892           
  Branches      4887     4887           
========================================
  Hits         21963    21963           
  Misses        6490     6490           
  Partials      1439     1439
Impacted Files Coverage Δ
synapse/rest/media/v1/config_resource.py 90.9% <100%> (ø) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 30da50a...fee831c. Read the comment docs.

@Half-Shot
Copy link
Collaborator Author

(The force push was to remove about 5 commits of me faffing around with isort)

erikjohnston
erikjohnston suggested changes Dec 10, 2018
View reviewed changes
synapse/rest/media/v1/config_resource.py
yield self.auth.get_user_by_req(request)
respond_with_json(request, 200, self.limits_dict)

def render_OPTIONS(self, request):
set_cors_headers(request)
respond_with_json(request, 200, {}, send_cors=True)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

a) I'm surprised that we even have OPTIONS, since GET requests aren't preflighted(?), and b) I'm assuming that send_cors=True are actually adding the CORS headers?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh yes, duh.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

image

Riot seems to request OPTIONS and so I implemented it way back. I don't know if we need it for the request to succeed though.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wut. But ok fine.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GET requests are preflighted if they have a custom Auth header, iirc

@Half-Shot Half-Shot requested a review from a team December 10, 2018 13:14
@Half-Shot Half-Shot merged commit 989f116 into develop Dec 10, 2018
richvdh added a commit that referenced this pull request Jan 8, 2019
@richvdh
Merge tag 'v0.34.1rc1' into matrix-org-hotfixes
1d63046 
Synapse 0.34.1rc1 (2019-01-08)
==============================

Features
--------

- Special-case a support user for use in verifying behaviour of a given server. The support user does not appear in user directory or monthly active user counts. ([\#4141](#4141), [\#4344](#4344))
- Support for serving .well-known files ([\#4262](#4262))
- Rework SAML2 authentication ([\#4265](#4265), [\#4267](#4267))
- SAML2 authentication: Initialise user display name from SAML2 data ([\#4272](#4272))
- Synapse can now have its conditional/extra dependencies installed by pip. This functionality can be used by using `pip install matrix-synapse[feature]`, where feature is a comma separated list with the possible values `email.enable_notifs`, `matrix-synapse-ldap3`, `postgres`, `resources.consent`, `saml2`, `url_preview`, and `test`. If you want to install all optional dependencies, you can use "all" instead. ([\#4298](#4298), [\#4325](#4325), [\#4327](#4327))
- Add routes for reading account data. ([\#4303](#4303))
- Add opt-in support for v2 rooms ([\#4307](#4307))
- Add a script to generate a clean config file ([\#4315](#4315))
- Return server data in /login response ([\#4319](#4319))

Bugfixes
--------

- Fix contains_url check to be consistent with other instances in code-base and check that value is an instance of string. ([\#3405](#3405))
- Fix CAS login when username is not valid in an MXID ([\#4264](#4264))
- Send CORS headers for /media/config ([\#4279](#4279))
- Add 'sandbox' to CSP for media reprository ([\#4284](#4284))
- Make the new landing page prettier. ([\#4294](#4294))
- Fix deleting E2E room keys when using old SQLite versions. ([\#4295](#4295))
- The metric synapse_admin_mau:current previously did not update when config.mau_stats_only was set to True ([\#4305](#4305))
- Fixed per-room account data filters ([\#4309](#4309))
- Fix indentation in default config ([\#4313](#4313))
- Fix synapse:latest docker upload ([\#4316](#4316))
- Fix test_metric.py compatibility with prometheus_client 0.5. Contributed by Maarten de Vries <maarten@de-vri.es>. ([\#4317](#4317))
- Avoid packaging _trial_temp directory in -py3 debian packages ([\#4326](#4326))
- Check jinja version for consent resource ([\#4327](#4327))
- fix NPE in /messages by checking if all events were filtered out ([\#4330](#4330))
- Fix `python -m synapse.config` on Python 3. ([\#4356](#4356))

Deprecations and Removals
-------------------------

- Remove the deprecated v1/register API on Python 2. It was never ported to Python 3. ([\#4334](#4334))

Internal Changes
----------------

- Getting URL previews of IP addresses no longer fails on Python 3. ([\#4215](#4215))
- drop undocumented dependency on dateutil ([\#4266](#4266))
- Update the example systemd config to use a virtualenv ([\#4273](#4273))
- Update link to kernel DCO guide ([\#4274](#4274))
- Make isort tox check print diff when it fails ([\#4283](#4283))
- Log room_id in Unknown room errors ([\#4297](#4297))
- Documentation improvements for coturn setup. Contributed by Krithin Sitaram. ([\#4333](#4333))
- Update pull request template to use absolute links ([\#4341](#4341))
- Update README to not lie about required restart when updating TLS certificates ([\#4343](#4343))
- Update debian packaging for compatibility with transitional package ([\#4349](#4349))
- Fix command hint to generate a config file when trying to start without a config file ([\#4353](#4353))
- Add better logging for unexpected errors while sending transactions ([\#4358](#4358))
@DMRobertson DMRobertson deleted the hs/fix-config-cors branch June 28, 2022 11:19
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@richvdh richvdh richvdh left review comments

@erikjohnston erikjohnston erikjohnston approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@Half-Shot @codecov-io @richvdh @erikjohnston