0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-12-15 16:53:51 +01:00

Check the user_id for presence/typing matches origin

This commit is contained in:
Erik Johnston 2016-09-08 15:04:46 +01:00
parent 2117c409a0
commit 8b93af662d
2 changed files with 15 additions and 1 deletions

View file

@ -651,6 +651,13 @@ class PresenceHandler(object):
) )
continue continue
if get_domain_from_id(user_id) != origin:
logger.info(
"Got presence update from %r with bad 'user_id': %r",
origin, user_id,
)
continue
presence_state = push.get("presence", None) presence_state = push.get("presence", None)
if not presence_state: if not presence_state:
logger.info( logger.info(

View file

@ -199,7 +199,14 @@ class TypingHandler(object):
user_id = content["user_id"] user_id = content["user_id"]
# Check that the string is a valid user id # Check that the string is a valid user id
UserID.from_string(user_id) user = UserID.from_string(user_id)
if user.domain != origin:
logger.info(
"Got typing update from %r with bad 'user_id': %r",
origin, user_id,
)
return
users = yield self.state.get_current_user_in_room(room_id) users = yield self.state.get_current_user_in_room(room_id)
domains = set(get_domain_from_id(u) for u in users) domains = set(get_domain_from_id(u) for u in users)