Commit Graph

89 Commits (3ae4843c1974956799dd20e27f890c944c7aa00a)

Author SHA1 Message Date
Neil Alexander 7fcfa57ebd
Add clarification on binary data and base64 encoding to Appendices (#3362)
* Add clarification on binary data and base64 encoding (closes #3341)

* Add changelog fragment

* Delete 3362.clarification
3 years ago
ColonisationCaptain 4e51fd62d9
Insert missing space
Insert missing space
3 years ago
Richard van der Hoff dd0cc92ba8
Start a 'conventions' section in the Appendices (#3350)
I wanted a section for "here's what new APIs ought to do", which isn't really
very useful for consumers of the existing APIs.
3 years ago
Niels Basjes e7e0455e27
Explain the reasons why `<hostname>` TLS certificate is needed rather than `<delegated_hostname>` for SRV delegation. (#3322)
Signed-off-by: Niels Basjes <niels@basjes.nl>
3 years ago
Travis Ralston 56a86e428f
Merge pull request #3225 from sideshowbarker/client-server-api-Access-Control-Allow-Headers-drop-Options-Accept
Drop Origin & Accept from Access-Control-Allow-Headers value
3 years ago
Michael[tm] Smith 24810745c2
Drop Origin & Accept from Access-Control-Allow-Headers value
This change drops the Origin and Accept header names from the
recommended value for the CORS Access-Control-Allow-Headers header. Per
the CORS protocol, it’s not necessary or useful to include them.

Per-spec at https://fetch.spec.whatwg.org/#forbidden-header-name, Origin
is a “forbidden header name” set by the browser and that frontend
JavaScript code is never allowed to set.

So the value of Access-Control-Allow-Headers isn’t relevant to Origin or
in general to other headers set by the browser itself — the browser
never ever consults the Access-Control-Allow-Headers value to confirm
that it’s OK for the request to include an Origin header.

And per-spec at https://fetch.spec.whatwg.org/#cors-safelisted-request-header,
Accept is a “CORS-safelisted request-header”, which means that browsers
allow requests to contain the Accept header regardless of whether the
Access-Control-Allow-Headers value contains "Accept".

So it’s unnecessary for the Access-Control-Allow-Headers to explicitly
include Accept. Browsers will not perform a CORS preflight for requests
containing an Accept request header.

Related: Related: https://github.com/matrix-org/synapse/pull/10114

Signed-off-by: Michael[tm] Smith <mike@w3.org>
4 years ago
ilovecommits fee59e306d
Correct 'once-off' to 'one-off' 4 years ago
Travis Ralston eb6f9246ad
Merge pull request #3176 from matrix-org/travis/clarification/lowercasing
Case fold instead of lowercase
4 years ago
Hubert Chathi 71a9bef12a
Merge pull request #3207 from toadjaune/patch-2
Fix a typo in event soft rejection schema
4 years ago
Hubert Chathi 4beb86992b
Fix broken ASCII art 4 years ago
Arnaud Venturi fd84bd7217
Fix a typo in event soft rejection schema
Signed-off-by: Arnaud Venturi <github@toadjaune.eu>
4 years ago
Hubert Chathi e201f4977e Deprecate verifications that don't begin with a request. 4 years ago
Travis Ralston 60566bf0e4 iterate 4 years ago
Travis Ralston 9dc3830e92 Merge branch 'master' into travis/clarification/lowercasing 4 years ago
Andrew Morgan cea6622df8
Clarify that implementations can use stable prefixes once an MSC has merged (#3179)
Fixes #3146.

This PR changes the Matrix Spec Proposals page to clarify that implementations **do not** need to wait until a spec release to use stable prefixes, but that they can do so after the corresponding MSC has been merged. The justification is that once an MSC has been merged, it's fairly guaranteed that it will land in the spec. Yet it will take time for the spec release process to run its course, and we shouldn't make implementations wait for that.

The exception to this is if implementating a feature in a backwards-compatible way requires a new spec version to indicate to clients/servers that a feature has been added/changed. This situation is rare though, and most implementations won't fall into this category.
4 years ago
Andrew Morgan a7b344d45a
Clarify what happens when a concern is raised during FCP (#3180)
It wasn't entirely clear what should happen to the FCP timer (and state) when a concern is raised during FCP. After some discussion, we agreed that when a concern is raised:

1. FCP will continue to not conclude until at least 5 days have passed, but once those 5 days are up it *still* won't conclude until all concerns raised during FCP are resolved.
2. If a concern warrants a large enough change in the document, then the Spec Core Team may consider cancelling FCP and restarting the timer in order for people to have some time to think about and review the new changes.
4 years ago
Travis Ralston 6c4ee891c3
Merge pull request #3177 from matrix-org/travis/spec/spaces-groups-rm
Remove group identifiers
4 years ago
Travis Ralston 4fc54875b1
Merge pull request #3170 from matrix-org/travis/spec/msc2713-rm-v1-id
Remove v1 identity service API
4 years ago
Travis Ralston abbf2d5fbc Remove group identifiers
Groups are replaced by https://github.com/matrix-org/matrix-doc/pull/1772 and this probably shouldn't have made it into the spec in the first place without the remaining context of Groups.
4 years ago
Travis Ralston 69381cc6a4 Case fold instead of lowercase
Fixes https://github.com/matrix-org/matrix-doc/issues/3175
4 years ago
Travis Ralston f27b8e36b9
Merge pull request #3101 from matrix-org/travis/spec/MSC2320-identity-versions
Add identity service versions API
4 years ago
Travis Ralston ab0c773d80
Merge pull request #3163 from matrix-org/travis/spec/msc2858-multisso
Describe social-sign-on (multiple SSO providers)
4 years ago
Travis Ralston 70d9deb2e8
Apply suggestions from code review
Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
4 years ago
Travis Ralston e6245f667d Clarify provider naming 4 years ago
Travis Ralston 641d2adfa0
Apply suggestions from code review
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
4 years ago
Travis Ralston 2119b5ed3e
Merge pull request #3167 from matrix-org/travis/spec/msc2265-lower-3pid
Specify that email handling converts to lowercase first
4 years ago
Travis Ralston 42717187b4
Spelling 4 years ago
Travis Ralston 740e76a1c6 Merge branch 'master' into travis/spec/MSC2320-identity-versions 4 years ago
Travis Ralston b4e1a816a9 Remove v1 identity service API
Spec for https://github.com/matrix-org/matrix-doc/pull/2713
4 years ago
Travis Ralston 7458ce9fd1 Downgrade identity server failure to FAIL_PROMPT instead of FAIL_ERROR
Spec for https://github.com/matrix-org/matrix-doc/pull/2284
4 years ago
Travis Ralston dd3fbab83c Specify that email handling converts to lowercase first
Spec for https://github.com/matrix-org/matrix-doc/pull/2265
4 years ago
Travis Ralston 7e3f72a95c Describe social-sign-on (multiple SSO providers)
Spec for [MSC2858](https://github.com/matrix-org/matrix-doc/pull/2858)
4 years ago
Travis Ralston 315f36cf38
Merge pull request #3154 from matrix-org/travis/spec/knock-knock-whos-there
Add knocking to the spec
4 years ago
Travis Ralston 509e056dfa Fix general wording 4 years ago
Travis Ralston c27a29b361 Add knocking to the spec
Spec for https://github.com/matrix-org/matrix-doc/pull/2998
Spec for https://github.com/matrix-org/matrix-doc/pull/2403

This deliberately does not help towards fixing https://github.com/matrix-org/matrix-doc/issues/3153 in order to remain consistent with prior room versions, and to keep the diff smaller on this change. A future change will address room version legibility.
4 years ago
Hubert Chathi 4f0825f53d
Merge pull request #3149 from uhoreg/qr_codes_spec
Add spec for verification by QR codes.
4 years ago
Hubert Chathi dc8dd05c63
Apply suggestions from code review
Co-authored-by: Travis Ralston <travpc@gmail.com>
4 years ago
Hubert Chathi 06dc1acebb
Merge pull request #3151 from uhoreg/single_ssss_spec
Document Single SSSS.
4 years ago
Hubert Chathi b67ff356e8
Merge pull request #3150 from uhoreg/verification_fixes
Make SAS outline fit with key verification in DM flow.
4 years ago
Hubert Chathi b6884c20e2
Update content/client-server-api/modules/end_to_end_encryption.md
Co-authored-by: Travis Ralston <travpc@gmail.com>
4 years ago
Hubert Chathi c7df3732e3 Document Single SSSS. 4 years ago
Hubert Chathi 9e4fbfcc88 Make SAS outline fit with key verification in DM flow. 4 years ago
Hubert Chathi 1d98a7441b Add spec for verification by QR codes. 4 years ago
Hubert Chathi 10fcfdafbd Add information about using SSSS for cross-signing and key backup. 4 years ago
Hubert Chathi b91a15f7d9
Apply suggestions from code review
Co-authored-by: Travis Ralston <travpc@gmail.com>
4 years ago
Hubert Chathi 04cf7b9414 spec verification in DMs and m.key.verification.ready/done 4 years ago
Travis Ralston dec4737f40
Fix event size restriction (#3127)
Fixes https://github.com/matrix-org/matrix-doc/issues/3126
4 years ago
Travis Ralston 45fd2a2c1e
Merge pull request #3099 from matrix-org/travis/spec/MSC2801-untrusted-bodies
Sprinkle some DANGER: UNSAFE warnings over the spec about event bodies
4 years ago
Travis Ralston 745fb766a1
Apply suggestions from code review
Co-authored-by: Matthew Hodgson <matthew@matrix.org>
4 years ago
Travis Ralston 629feb4221
Merge pull request #3098 from matrix-org/travis/spec/r2-MSC2010-MSC2422-MSC2557-color-spoilers
Incorporate spoilers and `color` tag allowance
4 years ago