| 2 Nov 2024 |
 dfrankcom | I see, that makes sense, thanks. And I supposed Synapse doesn't have this problem because there's an IP blacklist which is checked somewhere against the Location header URL? | 16:51:20 |
| dfrankcom | Ah yeah I'm assuming it's this whitelist mentioned here, rather than a blacklist https://github.com/element-hq/synapse/blob/c705beebf7e95f25624ec38280192d96bc207626/synapse/http/matrixfederationclient.py#L613 | 16:55:49 |
 tulir | In reply to @dfrankcom:matrix.org
Ah yeah I'm assuming it's this whitelist mentioned here, rather than a blacklist https://github.com/element-hq/synapse/blob/c705beebf7e95f25624ec38280192d96bc207626/synapse/http/matrixfederationclient.py#L613 that's not related | 16:56:37 |
| dfrankcom | Oh interesting | 16:56:51 |
| tulir | that's a domain whitelist, preventing the attack specifically requires an ip blacklist | 16:57:10 |
| tulir | https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#ip_range_blacklist | 16:57:34 |
 adnull | Is somebody knows if there an issue regarding the missing blacklist feature? | 16:58:07 |
| adnull | I'd try implementing it | 16:58:37 |
| dfrankcom | I also see the definition here in the Synapse code base
https://github.com/element-hq/synapse/blob/c705beebf7e95f25624ec38280192d96bc207626/synapse/config/server.py#L527
And the default list which looks to match the example configuration from your link
https://github.com/element-hq/synapse/blob/c705beebf7e95f25624ec38280192d96bc207626/synapse/config/server.py#L125
Thanks for the info, I really appreciate it | 17:00:27 |
 s7evink | In reply to @adnull:matrix.adnull.dev
Is somebody knows if there an issue regarding the missing blacklist feature? No issue, but there has been some work on that regard and it is going to land in the next few weeks. | 18:24:49 |
| adnull | * Btw there is my pr (url preview endpoint) under review, so if you could point me on blacklist code I'd used it there too. | 20:56:22 |
| 3 Nov 2024 |
| adnull | * Btw there is my pr (url preview endpoint) under review, so if you could point me on blacklist code I'd use it there too. | 11:37:43 |
|  Dimitris Maroulidis changed their profile picture. | 21:56:06 |
| 4 Nov 2024 |
|  @kovalensky:matrix.org joined the room. | 04:54:25 |
|  @kacper:kbby.net left the room. | 06:19:52 |
|  rchex joined the room. | 07:31:26 |
| 5 Nov 2024 |
|  Quentin Gliech | 15:33:05 |
|  _Zaizen_ joined the room. | 15:57:18 |
| Quentin Gliech left the room. | 18:00:28 |
| 6 Nov 2024 |
|  kim joined the room. | 21:16:00 |
|  kim ⚡️ joined the room. | 22:09:22 |
| kim ⚡️ | 22:10:50 |
|  @alemi:alemi.dev changed their profile picture. | 23:30:10 |
| @alemi:alemi.dev changed their display name from əlemi to @alemi:moonlit.technology. | 23:33:48 |
| 7 Nov 2024 |
| @alemi:alemi.dev changed their display name from @alemi:moonlit.technology to alemi LTS (@alemi:moonlit.technology). | 01:29:42 |
| 8 Nov 2024 |
| @kovalensky:matrix.org changed their display name from kovalensky to kovalensky (ϟϟ). | 18:04:42 |
| @kovalensky:matrix.org changed their display name from kovalensky (ϟϟ) to Kovalensky (ϟϟ). | 18:04:53 |
| @kovalensky:matrix.org changed their display name from Kovalensky (ϟϟ) to Friedrich (ϟϟ). | 18:08:35 |
| @kovalensky:matrix.org changed their profile picture. | 18:12:56 |
| @kovalensky:matrix.org changed their display name from Friedrich (ϟϟ) to Derek (ϟϟ). | 18:26:44 |
