mirror of
https://github.com/element-hq/synapse
synced 2024-07-04 19:13:31 +00:00
094896a69d
This is a config option ported over from DINUM's Sydent: https://github.com/matrix-org/sydent/pull/285 They've switched to validating 3PIDs via Synapse rather than Sydent, and would like to retain this functionality. This original purpose for this change is phishing prevention. This solution could also potentially be replaced by a similar one to https://github.com/matrix-org/synapse/pull/8004, but across all `*/submit_token` endpoint. This option may still be useful to enterprise even with that safeguard in place though, if they want to be absolutely sure that their employees don't follow links to other domains.
1 line
132 B
Gherkin
1 line
132 B
Gherkin
Add a config option to specify a whitelist of domains that a user can be redirected to after validating their email or phone number. |