Merge pull request #2343 from matrix-org/travis/spec/fix-2120

Recommend that clients don't preview URLs in encrypted rooms
identity_service/release-r0.3.0
Travis Ralston 5 years ago committed by GitHub
commit 8e6e47ae7d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -340,6 +340,16 @@ paths:
"/preview_url":
get:
summary: "Get information about a URL for a client"
description: |-
Get information about a URL for the client. Typically this is called when a
client sees a URL in a message and wants to render a preview for the user.
.. Note::
Clients should consider avoiding this endpoint for URLs posted in encrypted
rooms. Encrypted rooms often contain more sensitive information the users
do not want to share with the homeserver, and this can mean that the URLs
being shared should also not be shared with the homeserver.
operationId: getUrlPreview
produces: ["application/json"]
security:

@ -0,0 +1 @@
Clarify that clients should consider not requesting URL previews in encrypted rooms.
Loading…
Cancel
Save