Skip to content

Commit

Permalink
make self-check of /.well-known/matrix/server accept redirects
Browse files Browse the repository at this point in the history
Rationale: the /.well-known/matrix/client should return only 200 as well, but it has hardcoded "safe" value, regardless the spec: https://spec.matrix.org/v1.4/client-server-api/#well-known-uri

So, why not do the same for the /.well-known/matrix/server?
  • Loading branch information
aine-etke authored Oct 26, 2022
1 parent 3694bf1 commit 21eabf4
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions roles/matrix-nginx-proxy/defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -489,9 +489,9 @@ matrix_nginx_proxy_self_check_validate_certificates: true

# Controls whether redirects will be followed when checking the `/.well-known/matrix/client` resource.
#
# As per the spec (https://matrix.org/docs/spec/client_server/r0.6.0#well-known-uri), it shouldn't be,
# so we default to not following redirects as well.
matrix_nginx_proxy_self_check_well_known_matrix_client_follow_redirects: none
# As per the spec (https://spec.matrix.org/v1.4/client-server-api/#well-known-uri), it shouldn't be,
# but in real life all client apps and servers accept the 301 redirect.
matrix_nginx_proxy_self_check_well_known_matrix_client_follow_redirects: safe

# For OCSP purposes, we need to define a resolver at the `server{}` level or `http{}` level (we do the latter).
#
Expand Down

0 comments on commit 21eabf4

Please sign in to comment.