Commit Graph

5920 Commits (5d4713f168c7449fe4aae63749d3de2373dfd1ea)
 

Author SHA1 Message Date
Travis Ralston 5d4713f168 Changelog for https://github.com/matrix-org/matrix-doc/pull/3225 3 years ago
Travis Ralston f433e07763 Merge pull request #3225 from sideshowbarker/client-server-api-Access-Control-Allow-Headers-drop-Options-Accept
Drop Origin & Accept from Access-Control-Allow-Headers value
3 years ago
Travis Ralston efbccb6edd Merge pull request #3228 from ilovecommits/patch-1
Correct 'once-off' to 'one-off'
3 years ago
Michael[tm] Smith d7cf63d981 Drop Origin & Accept from Access-Control-Allow-Headers value
This change drops the Origin and Accept header names from the
recommended value for the CORS Access-Control-Allow-Headers header. Per
the CORS protocol, it’s not necessary or useful to include them.

Per-spec at https://fetch.spec.whatwg.org/#forbidden-header-name, Origin
is a “forbidden header name” set by the browser and that frontend
JavaScript code is never allowed to set.

So the value of Access-Control-Allow-Headers isn’t relevant to Origin or
in general to other headers set by the browser itself — the browser
never ever consults the Access-Control-Allow-Headers value to confirm
that it’s OK for the request to include an Origin header.

And per-spec at https://fetch.spec.whatwg.org/#cors-safelisted-request-header,
Accept is a “CORS-safelisted request-header”, which means that browsers
allow requests to contain the Accept header regardless of whether the
Access-Control-Allow-Headers value contains "Accept".

So it’s unnecessary for the Access-Control-Allow-Headers to explicitly
include Accept. Browsers will not perform a CORS preflight for requests
containing an Accept request header.

Related: Related: https://github.com/matrix-org/synapse/pull/10114

Signed-off-by: Michael[tm] Smith <mike@w3.org>
3 years ago
Travis Ralston e5b907021c changelog for https://github.com/matrix-org/matrix-doc/pull/3254 3 years ago
ilovecommits 175e3c157d Correct 'once-off' to 'one-off' 3 years ago
Christian Paul 86b53be3d1 Add "knock" membership to /members endpoint (#3254) 3 years ago
Travis Ralston 87d22392ac Merge pull request #3173 from matrix-org/clokep/stripped-state
MSC3173: Expose stripped state events to any potential joiner
3 years ago
Travis Ralston 2ebae1cddd Merge pull request #3251 from matrix-org/dependabot/npm_and_yarn/postcss-7.0.36
Bump postcss from 7.0.32 to 7.0.36
3 years ago
Patrick Cloke c027957f01 Remove unstable prefixes. 3 years ago
Travis Ralston 6ba9ff5303 Merge pull request #3250 from matrix-org/jryans/mobile-toc-overlap
Fix sidebar overlap for small width devices
3 years ago
dependabot[bot] a58966ad6e Bump postcss from 7.0.32 to 7.0.36
Bumps [postcss](https://github.com/postcss/postcss) from 7.0.32 to 7.0.36.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/7.0.32...7.0.36)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Patrick Cloke b9daaa3a3f Rework this (again) to remove the API based on conversations with the SCT. 3 years ago
Travis Ralston 3e186da139 Merge pull request #2732 from uhoreg/fallback_keys
MSC2732: Olm fallback keys
3 years ago
J. Ryan Stinnett ae227b7070 Fix sidebar overlap for small width devices
This resolves a jarring text overlap issue with the sidebar by only adjusting
the `max-height` at larger widths, which matches the original rule being
overridden.

Fixes https://github.com/matrix-org/matrix-doc/issues/3049
3 years ago
Patrick Cloke 4933ecd176 Add federation and reword a bit. 3 years ago
Patrick Cloke 8082b2f813 Clarify examples. 3 years ago
Patrick Cloke c37512343e Include an API endpoint. 3 years ago
Patrick Cloke 7daf3376b2 Clarify what changes are being proposed. 3 years ago
Patrick Cloke 2522ed5eae Fix typo.
Co-authored-by: Travis Ralston <travpc@gmail.com>
3 years ago
Patrick Cloke 1672ce2b0c Fix awkward wording. 3 years ago
Patrick Cloke 1c34a466ed Various clarifications based on feedback. 3 years ago
Patrick Cloke 086095f72e Also include the room topic. 3 years ago
Patrick Cloke 12abecf5b5 Wrap text. 3 years ago
Patrick Cloke 56b1b04544 Rename encrypted status to encryption information.
Co-authored-by: Travis Ralston <travpc@gmail.com>
3 years ago
Patrick Cloke 517174b19d Re-arrange security impact of knocking. 3 years ago
Patrick Cloke bf41af7c15 Remove security considerations (moved to MSC3083). 3 years ago
Patrick Cloke 34f006ce8b Strip whitespace. 3 years ago
Patrick Cloke c2a3b5d079 Wrapping. 3 years ago
Patrick Cloke 36a0251c9a Update MSC number. 3 years ago
Patrick Cloke 34cd85829b Wording. 3 years ago
Patrick Cloke b16b1a24d9 Add current proposals. 3 years ago
Travis Ralston 153df04953 Merge pull request #3218 from matrix-org/dependabot/npm_and_yarn/browserslist-4.16.6
Bump browserslist from 4.14.0 to 4.16.6
3 years ago
Travis Ralston 4f03180b90 Merge pull request #3241 from matrix-org/dependabot/npm_and_yarn/glob-parent-5.1.2
Bump glob-parent from 5.1.1 to 5.1.2
3 years ago
Travis Ralston 30654f70ee Merge pull request #3176 from matrix-org/travis/clarification/lowercasing
Case fold instead of lowercase
3 years ago
dependabot[bot] 933624e28a Bump browserslist from 4.14.0 to 4.16.6
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.14.0 to 4.16.6.
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/browserslist/browserslist/compare/4.14.0...4.16.6)

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Travis Ralston b0223b8bb8 Merge pull request #3233 from matrix-org/hs/explicit-room-id-for-tombstones
Explicitly call replacement_room a room ID
3 years ago
dependabot[bot] a8541d02de Bump glob-parent from 5.1.1 to 5.1.2
Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases)
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2)

---
updated-dependencies:
- dependency-name: glob-parent
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Hubert Chathi 221375b105 Merge pull request #3207 from toadjaune/patch-2
Fix a typo in event soft rejection schema
3 years ago
Travis Ralston 81da7ba480 Update 3167.clarification 3 years ago
Will Hunt 7fac138d9a Create 3233.clarification 3 years ago
Hubert Chathi c4e9e904e2 Merge pull request #3199 from uhoreg/deprecate_verification_start_spec
Deprecate verifications that don't begin with a request.
3 years ago
Hubert Chathi 53fedb2c61 Add changelog 3 years ago
Travis Ralston 8b40972872 iterate 3 years ago
Will Hunt 2794fc8e29 Explicitly call replacement_room a room ID
Fixes https://github.com/matrix-org/matrix-doc/issues/3232
3 years ago
Travis Ralston 96b86b0282 Merge pull request #3195 from matrix-org/travis/msc1772-7E
Change space's valid `order` range to 0x7E
3 years ago
Hubert Chathi b3b6fb3e10 add changelog 3 years ago
Hubert Chathi 586c4d865a Fix broken ASCII art 3 years ago
Travis Ralston 21a132d3a5 Merge branch 'master' into travis/clarification/lowercasing 3 years ago
Andrew Morgan fca6992cd9 Clarify that implementations can use stable prefixes once an MSC has merged (#3179)
Fixes #3146.

This PR changes the Matrix Spec Proposals page to clarify that implementations **do not** need to wait until a spec release to use stable prefixes, but that they can do so after the corresponding MSC has been merged. The justification is that once an MSC has been merged, it's fairly guaranteed that it will land in the spec. Yet it will take time for the spec release process to run its course, and we shouldn't make implementations wait for that.

The exception to this is if implementating a feature in a backwards-compatible way requires a new spec version to indicate to clients/servers that a feature has been added/changed. This situation is rare though, and most implementations won't fall into this category.
3 years ago