this can be used as a way to deal with the thumbnail
and the media file at the same time without knowing
the thumbnail MXC URL.
Signed-off-by: strawberry <strawberry@puppygock.gay>
this provides not only some future compatibility with MSC4051,
but it just makes sense to not crash/error if we can't get a server_name
from the room ID and should just use the server_name from the sender
user's invite event. there is already code ahead that accounts for
an empty vector so this is safe.
Signed-off-by: strawberry <strawberry@puppygock.gay>
takes a full room ID, evicts all our users from that room,
adds room ID to banned room IDs metadata db table, and
forbids any new local users from attempting to join it.
Signed-off-by: strawberry <strawberry@puppygock.gay>
from upstream MR https://gitlab.com/famedly/conduit/-/merge_requests/347
with the following changes (so far):
- remove hardcoded list of allowed hosts (strongly disagree with this,
even if it is desired, it should not be harcoded)
- add more allow config options for granularity via URL contains,
host contains, and domain is (explicit match) for security
- warn if a user is allowing all URLs to be previewed for security reasons
- replace an expect with proper error handling
- bump webpage to 2.0
- improved code style a tad
Co-authored-by: rooot <hey@rooot.gay>
Signed-off-by: rooot <hey@rooot.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
Honestly not sure why it wasn't done like this before. This code is much
less awkward to follow and more compartmentalized.
These changes were mainly motivated by a clippy lint triggering on the
original code, which then made me wonder if I could get rid of some of
the `Box`ing. Turns out I could, and this is the result of that.
Co-authored-by: strawberry <strawberry@puppygock.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
this can most definitely be improved but this is a decent attempt.
the only annoying this is i couldn't just use a Vec<IPAddress> which
would have significantly simplified all of this, but serde can't
deserialise it on the config side i guess.
i may find a better way to do this in the future, but this should cover
most areas anyways.
Signed-off-by: strawberry <strawberry@puppygock.gay>
im not sure what the TODO is trying to say here,
but since it's many years old and conduwuit is
fast, i dont see an issue with this.
Signed-off-by: strawberry <strawberry@puppygock.gay>
this seems to require some more work to properly ignore
dead server errors without breaking the entire room join
Signed-off-by: strawberry <strawberry@puppygock.gay>
amazing that this wasn't done in the first place. a lack of a UA is
suspicious and some providers may block our requests just for the sake
of no UA.
Signed-off-by: strawberry <strawberry@puppygock.gay>
the last endpoint is a non-standard health check endpoint used by at
least Element Web as a weird way to determine if syncv3 is available
there can also be some valid use-cases for serving well-knowns from the
application itself
Signed-off-by: strawberry <strawberry@puppygock.gay>
strawberry
Reiner Herrmann
Matthias Ahouansou
Charles Hall