synapse/changelog.d
Denis Kasak 2476d5373c
Mitigate media repo XSSs on IE11. (#10468)
IE11 doesn't support Content-Security-Policy but it has support for
a non-standard X-Content-Security-Policy header, which only supports the
sandbox directive. This prevents script execution, so it at least offers
some protection against media repo-based attacks.

Signed-off-by: Denis Kasak <dkasak@termina.org.uk>
2021-07-27 13:45:10 +02:00
..
.gitignore Correct attrs package name in requirements (#3492) 2018-07-07 10:46:59 +10:00
9918.feature Support MSC2033: Device ID on whoami (#9918) 2021-07-27 05:28:20 +00:00
10254.feature Update the MSC3083 support to verify if joins are from an authorized server. (#10254) 2021-07-26 12:17:00 -04:00
10283.feature MSC3244 room capabilities implementation (#10283) 2021-07-20 12:59:23 +01:00
10408.misc Add type hints to synapse.federation.transport.client. (#10408) 2021-07-26 11:53:09 -04:00
10426.feature Update the notification email subject when invited to a space. (#10426) 2021-07-21 17:29:54 +00:00
10429.misc Drop xenial-support hacks (#10429) 2021-07-21 21:25:28 +01:00
10431.misc Enable docker image caching for the deb build (#10431) 2021-07-26 11:36:01 +01:00
10432.misc Switch to chunk events so we can auth via power_levels (MSC2716) (#10432) 2021-07-21 10:29:57 +00:00
10437.misc Add type hints to additional servlet functions (#10437) 2021-07-21 18:12:22 +00:00
10438.misc Add a return type to parse_string. (#10438) 2021-07-21 09:47:56 -04:00
10442.misc Replace or_ignore in simple_insert with simple_upsert (#10442) 2021-07-22 12:39:50 +01:00
10444.misc Fix the tests-done Github Actions job (#10444) 2021-07-22 11:10:30 +01:00
10445.doc Fix the hierarchy of OpenID providers in the docs. (#10445) 2021-07-21 13:48:06 -04:00
10446.misc Fix a handful of type annotations. (#10446) 2021-07-22 12:00:16 +01:00
10448.feature Add creation_ts to list users admin API (#10448) 2021-07-22 16:05:16 +02:00
10451.misc Cancel redundant GHA workflows (#10451) 2021-07-22 11:35:06 +01:00
10453.doc Move dev/ docs to development/ (#10453) 2021-07-22 12:58:24 +02:00
10461.misc Fix an error in the docker workflow (#10461) 2021-07-22 21:50:30 +01:00
10463.misc Disable msc2716 until Complement update is merged (#10463) 2021-07-22 20:19:30 +00:00
10468.misc Mitigate media repo XSSs on IE11. (#10468) 2021-07-27 13:45:10 +02:00
10482.misc Add type hints to state handler. (#10482) 2021-07-26 12:49:53 -04:00