Add EE2E bypass url previews to the element mobile clients #3778
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Currently translated at 40.6% (26 of 64 strings) Translation: matrix-doc/SAS Emoji v1 Translate-URL: https://translate.element.io/projects/matrix-doc/sas-emoji-v1/tzm/
Add information about using SSSS for cross-signing and key backup.
Co-authored-by: Travis Ralston <[email protected]>
Make SAS outline fit with key verification in DM flow.
Document Single SSSS.
Co-authored-by: Travis Ralston <[email protected]>
Add spec for verification by QR codes.
Co-authored-by: Hubert Chathi <[email protected]>
…-there Add knocking to the spec
Markdown is not structured data.
Disambiguate from getEvents by a trailing space in path (like inviteUser). Signed-off-by: Lukas Lihotzki <[email protected]>
OpenAPI: include peekEvents
hugo tales commonmark.
... and the minimum version required.
I wanted a section for "here's what new APIs ought to do", which isn't really very useful for consumers of the existing APIs.
Insert missing space
Insert missing space
Signed-off-by: Aaron Raimist <[email protected]>
Fix two links on the CS API page
The Pagination section in the C-S API was, basically, full of rubbish. I think that anything of any value it contained was repeated either directly on the API definitions or in the text specific to syncing at https://spec.matrix.org/unstable/client-server-api/#syncing. The conventions I've added to the Appendices are based on the discussions in #1898. They are there because I don't want to have to go through it all again next time we add a paginated API. Fixes: #1898 Fixes: #2268
This has moved to `data/schemas`.
This tweaks the DAG to be simpler, with two linear event chains E4 -> E3 -> E2 -> E1 and E6 -> E5 -> E2 -> E1. The extremities of the DAG are now the first and only point in the DAG where multiple event parents occur. Since the point of the diagram is to demonstrate this very situation, it's better didactically if there is only one such situation in the diagram.
* Proposal for token authenticated registration Signed-off-by: Callum Brown <[email protected]> * Hard-wrap lines Signed-off-by: Callum Brown <[email protected]> * Link to released version of spec Signed-off-by: Callum Brown <[email protected]> * Fix unstable prefix wording Signed-off-by: Callum Brown <[email protected]> * Tokens should only be invalidated after registration Signed-off-by: Callum Brown <[email protected]> * Change auth type to m.login.registration_token This is consistent with the other UIAA auth types, and does not suggest that other `m.login.*` types cannot be used for registration. Signed-off-by: Callum Brown <[email protected]> * Add proposal for checking the validity of a token Signed-off-by: Callum Brown <[email protected]> * Fix validity checking endpoint Signed-off-by: Callum Brown <[email protected]> * Limit allowed characters and length of token This allows tokens to be used easily in query parameters Signed-off-by: Callum Brown <[email protected]> * Give reason for limiting token length and chars Signed-off-by: Callum Brown <[email protected]> * Note all stages must be complete for registration Co-authored-by: Andrew Morgan <[email protected]> * Fix mistake in MSC number Signed-off-by: Callum Brown <[email protected]> * Validity checking should be rate limited Signed-off-by: Callum Brown <[email protected]> * Change v1 to r0 Signed-off-by: Callum Brown <[email protected]> * Include `.` and `~` in allowed characters for registration tokens For consistency with the unreserved URL characters in RFC3986 https://www.ietf.org/rfc/rfc3986.html#section-2.3 Co-authored-by: Richard van der Hoff <[email protected]> Co-authored-by: Andrew Morgan <[email protected]> Co-authored-by: Richard van der Hoff <[email protected]>
* Refresh tokens MSC * MSC2918: minor changes * MSC2918: access token expiration as milliseconds * MSC2918: account registration API changes * MSC2918: fix `expires_in_ms` example * MSC2918: add precision about token revocation * MSC2918: specify error codes for the refresh API * MSC2918: clarify that the change also applies to ASes * Apply suggestions from code review Co-authored-by: Richard van der Hoff <[email protected]> * MSC2918: clarify what problem this MSC solves * MSC2918: minor formatting and rephrasing * MSC2918: clarify ratelimiting, masquerading and authentication on refresh token API * MSC2918: make expires_in_ms/refresh_token optional * MSC2918: soft logout in refresh token API * MSC2918: add detailed rationale While not exhaustive, it outlines a few attack vectors this MSC tries to mitigate. * MSC2918: minor fix Co-authored-by: Hubert Chathi <[email protected]> * MSC2918: clarifications on backward compatibility * MSC2918: advertise support in the request body * MSC2918: clarify on what happen when token expire * MSC2918: remove redundant precision about token expiration and lifetime Co-authored-by: Richard van der Hoff <[email protected]> * MSC2918: minor clarification * MSC2918: soft logout when using expired token Co-authored-by: Richard van der Hoff <[email protected]> Co-authored-by: Hubert Chathi <[email protected]>
) * add room type in store invite * update dev identifier purpose * Added clarification if type not present, and on email generation * Update proposals/3288-pass_room_type_in_3pid_invite.md Co-authored-by: Travis Ralston <[email protected]> * Update proposals/3288-pass_room_type_in_3pid_invite.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/3288-pass_room_type_in_3pid_invite.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/3288-pass_room_type_in_3pid_invite.md Co-authored-by: Travis Ralston <[email protected]> * Update proposals/3288-pass_room_type_in_3pid_invite.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/3288-pass_room_type_in_3pid_invite.md Co-authored-by: Richard van der Hoff <[email protected]> * Update 3288-pass_room_type_in_3pid_invite.md fix typo Co-authored-by: Travis Ralston <[email protected]> Co-authored-by: Richard van der Hoff <[email protected]>
* Allow guests to use /account/whoami * speling
* Spaces Summary * MSC2946 * Clarity * More clarity * Clarify what no room data means for clients * Federation API * Update 2946-spaces-summary.md * auto_join filter * Blurb on auth for fed api * Update to reflect MSC1772 changes * Mention auth chain on federation api * Add 'version' field * Stripped state; remove room versions * Update 2946-spaces-summary.md * Update proposals/2946-spaces-summary.md Co-authored-by: Patrick Cloke <[email protected]> * Replace with link to draft doc. * Add a preamble and copy the current draft API. * Switch to using stable identifiers (and add an unstable identifiers section). * Updates / clarifications. * Fix typo. * Clean-ups. * Update proposals/2946-spaces-summary.md Co-authored-by: Travis Ralston <[email protected]> * Drop unstable identifiers from MSC1772. * Various updates and clarifications. * Include the origin_server_ts in the response, as needed by MSC1772. * Rename a parameter for clarity. * Fix typo. Co-authored-by: David Baker <[email protected]> * Various clarifications based on feedback. * Add auth / rate-limiting info. * Combine some double spaces. * Use only GET endpoints. * Add notes about DoS potential. * Tweaks from review. * Add context about why stripped events are returned. * Remove some implementation details. * Add notes on ordering. * Remove unnecessary data. * Clarify the server-server API. * More clarifications. * Remove obsolete note. * Some clarifications to what accessible means. * Update notes about sorting to include the origin_server_ts of the m.space.child event. This reverts commit af8c7b0. * Only consider `m.space` rooms and do not return links to nowhere. * Updates based on MSC3173 merging and updates to MSC3083. * Updates per MSC2403. * Remove field which is not part of the C-S API. * Rewrite the proposal. * Handle todo comments. * Update URLs. * Rename field. * Updates based on implementation. * Clarify the state which is persisted. * Expand notes about errors. * Update MSC with pagination parameter. * Fix wrong endpoint. Co-authored-by: Matthew Hodgson <[email protected]> * Clarifications based on implementation. * Remove empty section. * Fix typo. Co-authored-by: Richard van der Hoff <[email protected]> * Rename field in example. * Clarify error code. * Clarify ordering changes. * Clarify wording. Co-authored-by: Travis Ralston <[email protected]> * Fix typos. Co-authored-by: Hubert Chathi <[email protected]> * Clarify that rooms do not belong to servers. Co-authored-by: Hubert Chathi <[email protected]> * Fix example to use correct URL. Co-authored-by: Hubert Chathi <[email protected]> * Clarify using local vs. remote data. Co-authored-by: Hubert Chathi <[email protected]> * Clarify bits aboud stripped state. * Clarify access control of federation responses. * Clarify error code. Co-authored-by: Hubert Chathi <[email protected]> * Be less prescriptive about expiring data. * Limit must be non-zero. Co-authored-by: Travis Ralston <[email protected]> * Rate limiting. Co-authored-by: Travis Ralston <[email protected]> * Add a note about room upgrades. * Update stable URLs per MSC2844. * Clarify federation return values. * Clarify `origin_server_ts`. Co-authored-by: Andrew Morgan <[email protected]> * Tweak wording around `inaccessible_children`. Co-authored-by: Patrick Cloke <[email protected]> Co-authored-by: Richard van der Hoff <[email protected]> Co-authored-by: Patrick Cloke <[email protected]> Co-authored-by: Matthew Hodgson <[email protected]> Co-authored-by: Travis Ralston <[email protected]> Co-authored-by: David Baker <[email protected]> Co-authored-by: Richard van der Hoff <[email protected]> Co-authored-by: Travis Ralston <[email protected]> Co-authored-by: Hubert Chathi <[email protected]> Co-authored-by: Andrew Morgan <[email protected]>
* Create 3278-enable_set_displayname-capabilities.md * Apply suggestions from code review Co-authored-by: Alexey Rusakov <[email protected]> * Apply suggestions from code review Co-authored-by: Alexey Rusakov <[email protected]> * Update and rename 3278-enable_set_displayname-capabilities.md to 3279-enable_set_displayname-capabilities.md * Update and rename 3279-enable_set_displayname-capabilities.md to 3282-enable_set_displayname-capabilities.md * Update and rename 3282-enable_set_displayname-capabilities.md to 3283-enable_set_displayname-capabilities.md * Update proposals/3283-enable_set_displayname-capabilities.md Co-authored-by: Alexey Rusakov <[email protected]> * Update proposals/3283-enable_set_displayname-capabilities.md Co-authored-by: Will Hunt <[email protected]> * Update proposals/3283-enable_set_displayname-capabilities.md Co-authored-by: Will Hunt <[email protected]> * Update 3283-enable_set_displayname-capabilities.md * Update 3283-enable_set_displayname-capabilities.md * Update proposals/3283-enable_set_displayname-capabilities.md Co-authored-by: Dirk Klimpel <[email protected]> * Update proposals/3283-enable_set_displayname-capabilities.md Co-authored-by: Dirk Klimpel <[email protected]> * Update 3283-enable_set_displayname-capabilities.md * Update 3283-enable_set_displayname-capabilities.md * Update 3283-enable_set_displayname-capabilities.md * Update 3283-enable_set_displayname-capabilities.md Co-authored-by: Alexey Rusakov <[email protected]> Co-authored-by: Will Hunt <[email protected]> Co-authored-by: Dirk Klimpel <[email protected]>
* initial version of event relationship MSC * fix MSC numbers * clarifications * mention multiple relations per event might be useful, but postpone for a future MSC * mention MSC 3051 for proposed multiple relations * remove send_relation endpoint * move e2ee section under sending relations * mention limitation of leaving server-side aggregations out for now * remove mentions of m.reference, we'll sort that out in another MSC * whitespace * argument why m.relates_to should be preserved by redactions more general but still give example of redacted edits * deal with this in the comments * clarify the conditions to meet for a relation * mention specifically that this does not replace replies (yet) * clarify how general rel_types should be * clarify that gaps may cause clients to be unaware of some relations * Update proposals/2674-event-relationships.md Co-authored-by: DeepBlueV7.X <[email protected]> * Update proposals/2674-event-relationships.md Co-authored-by: DeepBlueV7.X <[email protected]> * make wording clearer and move to bottom of section * remove this as references are not defined here anymore * clearer wording * move edge cases to other relevant mscs * clarify that a goal of sticking to this format is backwards compat. * mention MSC 3267, to which m.reference has been extracted * Update proposals/2674-event-relationships.md Co-authored-by: Hubert Chathi <[email protected]> * Update proposals/2674-event-relationships.md Co-authored-by: Hubert Chathi <[email protected]> * Update proposals/2674-event-relationships.md Co-authored-by: Matthew Hodgson <[email protected]> * Update proposals/2674-event-relationships.md Co-authored-by: Matthew Hodgson <[email protected]> * Update proposals/2674-event-relationships.md Co-authored-by: Travis Ralston <[email protected]> * wrap lines * better wording * this is singular, really * add example of event shape * specify how invalid relations should be treated by the redaction algorithm * fix typo * split up redactions changes in separate MSC * also add new msc to introduction * reword why not adopt m.in_reply_to * remove guidelines how to pick rel_type * mention that the target event must exist in the same room * spell out the conscious (subject, object, verb) triple idea. * Spelling Co-authored-by: Richard van der Hoff <[email protected]> * remove paragraph saying what server should accept * Revert "remove paragraph saying what server should accept" This reverts commit e027133. * further specify that a server should reject invalid relations through the cs api * linebreak Co-authored-by: Richard van der Hoff <[email protected]> Co-authored-by: Bruno Windels <[email protected]> Co-authored-by: DeepBlueV7.X <[email protected]> Co-authored-by: Matthew Hodgson <[email protected]> Co-authored-by: Travis Ralston <[email protected]> Co-authored-by: Richard van der Hoff <[email protected]>
Co-authored-by: Richard van der Hoff <[email protected]> Co-authored-by: Hubert Chathi <[email protected]> Co-authored-by: Travis Ralston <[email protected]>
Now that we've dropped the old build pipeline (and an assets directory does not exist in the repo any longer, we can rename the hugo version of the assets (assets-hugo) created during the build tools migration back to simply assets.
* initial version of serverside aggregations proposal * fix MSC numbers * clarification * add e2ee section from 2674 here, as it is only needed for server-side aggregations * move edge case wrt to calling /context on a relation here from 2674 * fix typo * clarify which APIs should bundle relations * move stale_events over to future extensions section * summarize stale_events and make tone conditional to mark that is not part of the MSC * casing and wording * clarify in summary an API for requesting relations is also proposed * remove proposal for batch get event api as is unused and unimplemented * attempt to clarify relations vs aggregations * clarify pagination and align it with synapse impl already in the wild * conciseness * better headers * clarify that relations are always returned, contrary to aggregations * document the limitation of the event type not being known in e2ee rooms * specify that redacted relations are not aggregated * remove type in (non-binding) example as synapse doesn't do this * mention that these are just examples * clarify that this is a non-normative example * Update proposals/2675-aggregations-server.md Co-authored-by: David Baker <[email protected]> * add http method for endpoint list * line break * remove "unbundled relations" term, it's just confusing instead use relation events, with the bundled form now called aggregation also restructure the headings so we have on section about aggregations and another one about querying relation events * some more restructuring of text after changing doc structure * mention original_event for m.replace relations * remove dir param as it is unused and unimplemented * clarify that relating pending events should happen by transaction_id * remove unimplemented /aggregations/{eventID}//{eventType}/{key} endpoint * Update proposals/2675-aggregations-server.md Co-authored-by: Patrick Cloke <[email protected]> * mention that the server might not be aware of all the relations * clarify that redacted events should still return their relations and aggregations respectively * remove /context edge case, it should not be special-cased * Update proposals/2675-aggregations-server.md Co-authored-by: Patrick Cloke <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Patrick Cloke <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Patrick Cloke <[email protected]> * bad example, replies doesn't use relations * clarify that we dont bundle discrete events * clarify that we dont bundle discrete events, again * improve example * clarify this MSC does not use a prefix * better english * clarify pagination in example * better english * remove contradication: m.reference doesn't support pagination but example mentions it * double punctuation * clarify that only the bundled aggregation limit for truncation can't be set by the client, /aggregations does have a limit param * move e2ee limitation to limitations section * clarify prefixes * mention that state events never bundle aggregations * Update proposals/2675-aggregations-server.md Co-authored-by: Patrick Cloke <[email protected]> * add that the visibility of relations can derive from that of the target * typsos * be more explicit * moar rewording * keep related parts together * don't make a relation invisible because the target event isn't also clarify what to do with relations for which the target is invisible * Update proposals/2675-aggregations-server.md Co-authored-by: David Baker <[email protected]> * better words * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * be more precise when clients should ensure the key is shared * mention that ignored users can cause different aggregations for users * move visibility rule changes to MSC3570 * don't overspecify visibility limitation, allow for unspecified behaviour as synapse includes the invisible events in the aggregation * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * move non-normative note to below example * make rel_type mandatory as the response structure doesn't allow for mixing types * fix typo/thinko * make pagination forward only as there is no use case for backwards * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * add non-normative aggregation examples * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * use relation type rather than rel_type the former is already define as the latter in MSC 2674 * change trailing slashes remark to event_type, rel_type is mandatory now * reword and split out client-side aggregation section * rename parent event to target event, the term used elsewhere * apply suggestion * apply suggestion * remove pagination * remove mentions of /aggregations endpoint after removing pagination * add note about not bundling into state events * restructure headers so more of the aggregations stuff is under section * make rel_type mandatory for /relations and better wording * remove confusion that aggregations contain more info than relations * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Richard van der Hoff <[email protected]> * mention that tokens from /sync, /messages can be used on /relations * try not to be overly prescriptive * remove edge case of ignoring events without target event, as ignoring is not always safe * clarify limitation for encrypted rooms * make rel_type optional again for /relations * Update proposals/2675-aggregations-server.md Co-authored-by: Hubert Chathi <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Hubert Chathi <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Hubert Chathi <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Hubert Chathi <[email protected]> * Update proposals/2675-aggregations-server.md Co-authored-by: Matthew Hodgson <[email protected]> * mention requires auth and rate-limited on /relations * replace hypothetical examples for bundled aggregations with non-normative ones * move to MSC 2676 as it's specific to edits * dont repeat how local echo using transaction_id works Co-authored-by: Bruno Windels <[email protected]> Co-authored-by: David Baker <[email protected]> Co-authored-by: Patrick Cloke <[email protected]> Co-authored-by: Richard van der Hoff <[email protected]> Co-authored-by: Matthew Hodgson <[email protected]>
* Proposal to add timestamp massaging to the spec Signed-off-by: Tulir Asokan <[email protected]> * Update unstable prefix Signed-off-by: Tulir Asokan <[email protected]>
|
It looks like you're trying to merge the wrong thing here. Also, from your comment, it sounds like you should be opening an issue on the element-ios and element-android repositories, rather than opening a PR here. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
26 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
A feature that was recently added to the element client on desktop and web but hasnt gotten to the mobile side.