| 16 Oct 2024 |
 Saimo | Hi does anybody have an idea on how one could start to replicate Telegrams Channel Type.
The problem I have currently is that there are so many places where invites/joins/leaves memberships are sent.
Is there a commonplace I am not seeing here where I could filter these out for groups on the Backend/Dendrite? | 17:44:59 |
 Ricardo Duarte | You might have better luck asking in #matrix-dev:matrix.org | 20:07:52 |
| 18 Oct 2024 |
|  Andrew Morgan (anoa) {he/him} changed their display name from Andrew Morgan (anoa) {he/him} [away til 8th] to Andrew Morgan (anoa) {he/him} [back Oct22]. | 02:52:56 |
|  Alfredorian joined the room. | 16:18:22 |
|  adnull joined the room. | 20:06:59 |
| Alfredorian set a profile picture. | 22:39:01 |
| 19 Oct 2024 |
| adnull changed their profile picture. | 09:39:57 |
| 22 Oct 2024 |
| Andrew Morgan (anoa) {he/him} changed their display name from Andrew Morgan (anoa) {he/him} [back Oct22] to Andrew Morgan (anoa) {he/him}. | 10:09:39 |
| 25 Oct 2024 |
|  nosson.kyriee joined the room. | 03:15:07 |
| 28 Oct 2024 |
|  @noctacode:matrix.org left the room. | 06:25:05 |
|  Koala Yeung joined the room. | 16:07:42 |
|  yemou changed their profile picture. | 16:35:59 |
|  @oluwafemifranchis:matrix.org joined the room. | 19:48:06 |
|  Administrator banned @oluwafemifranchis:matrix.org (spam). | 19:48:12 |
| 29 Oct 2024 |
|  theonlypopcat joined the room. | 14:22:06 |
|  @yh:mtrx.pp.ua joined the room. | 22:49:39 |
| 30 Oct 2024 |
| Andrew Morgan (anoa) {he/him} changed their display name from Andrew Morgan (anoa) {he/him} to Andrew Morgan (anoa) {he/him} [back Nov 5]. | 22:15:41 |
| 31 Oct 2024 |
|  robojeb joined the room. | 01:44:55 |
|  bouwman_theo_ changed their display name from bouwman_theo to bouwman_theo_. | 12:14:51 |
|  @1menace:tchncs.de joined the room. | 17:01:01 |
| @1menace:tchncs.de removed their display name 1menace. | 17:29:16 |
| @1menace:tchncs.de left the room. | 17:29:24 |
| 1 Nov 2024 |
|  BuZZ-dEE changed their profile picture. | 01:56:33 |
| BuZZ-dEE changed their profile picture. | 01:57:07 |
|  dfrankcom joined the room. | 06:02:32 |
|  Muhammad Rehan Khan joined the room. | 21:56:30 |
| 2 Nov 2024 |
| dfrankcom | Is anyone familiar with the requirements around this error message?
https://github.com/matrix-org/dendrite/blob/6cd1285ca0276bebd407110c37031bc4622f0b79/mediaapi/routing/download.go#L959
The beeper.com server responds to media requests with a Location header, which dendrite doesn't support at the moment.
I found a change in a PR which had handling for this header at some point, but it was removed "due to not having any mechanism to allow/block access to certain resources".
https://github.com/matrix-org/dendrite/pull/3397/commits/7451e203c730987395da32ab163bcad8a9c876d6#r1710029372
I'm confused about what it means to allow/block access to resources in this context - is this about passing the authentication to the followed request, or is this about a larger issue like admin ability to blacklist servers?
Synapse seems to support the Location header with a recursive request to the _send_request method.
https://github.com/element-hq/synapse/blob/c705beebf7e95f25624ec38280192d96bc207626/synapse/http/matrixfederationclient.py#L749
| 15:58:28 |
 tulir | In reply to @dfrankcom:matrix.org
Is anyone familiar with the requirements around this error message?
https://github.com/matrix-org/dendrite/blob/6cd1285ca0276bebd407110c37031bc4622f0b79/mediaapi/routing/download.go#L959
The beeper.com server responds to media requests with a Location header, which dendrite doesn't support at the moment.
I found a change in a PR which had handling for this header at some point, but it was removed "due to not having any mechanism to allow/block access to certain resources".
https://github.com/matrix-org/dendrite/pull/3397/commits/7451e203c730987395da32ab163bcad8a9c876d6#r1710029372
I'm confused about what it means to allow/block access to resources in this context - is this about passing the authentication to the followed request, or is this about a larger issue like admin ability to blacklist servers?
Synapse seems to support the Location header with a recursive request to the _send_request method.
https://github.com/element-hq/synapse/blob/c705beebf7e95f25624ec38280192d96bc207626/synapse/http/matrixfederationclient.py#L749
the problem is dendrite lacks an ip blacklist | 16:36:28 |
| tulir | an attacker can craft a malicious redirect to a local ip and extract data that should only be available to local devices | 16:37:09 |
| tulir | (of course it's bad practice to have unauthenticated resources even locally, but some people do that anyway, which means such attacks need to be blocked by applications that proxy requests) | 16:38:22 |
