From 276fa602c82909524a6c52e6f692a4ffb42d0247 Mon Sep 17 00:00:00 2001 From: Johannes Marbach Date: Tue, 19 Nov 2024 15:27:22 +0100 Subject: [PATCH] Apply ACLs per room ID for m.receipt EDUs --- content/server-server-api.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/content/server-server-api.md b/content/server-server-api.md index 6051ed0f..9b9ccf6c 100644 --- a/content/server-server-api.md +++ b/content/server-server-api.md @@ -1247,18 +1247,18 @@ The following endpoint prefixes MUST be protected: Additionally the [`/_matrix/federation/v1/send/{txnId}`](#put_matrixfederationv1sendtxnid) endpoint MUST be protected as follows: -- ACLs MUST be applied on a per-PDU basis. If the `origin` server is - denied access to the room identified by `room_id`, the PDU MUST be - ignored with an appropriate error included in the response for the - respective event ID. -- ACLs MUST be applied on a per-EDU basis to all EDUs that are local - to a specific room. This includes: - - - [Typing notifications (m.typing)](#typing-notifications) - - [Receipts (m.receipt)](#receipts) - - If the `origin` server is denied access to the room identified by - `room_id`, the EDU MUST be ignored. +- ACLs MUST be applied to all PDUs on a per-PDU basis. If the `origin` + server is denied access to the room identified by `room_id`, the PDU + MUST be ignored with an appropriate error included in the response + for the respective event ID. +- ACLs MUST be applied to all EDUs that are local to a specific room: + + - For [typing notifications (m.typing)](#typing-notifications), if + the `origin` server is denied access to the room identified by + `room_id`, the EDU MUST be ignored. + - For [receipts (m.receipt)](#receipts), all receipts for a particular + room ID MUST be ignored if the `origin` server is denied access to + the room identified by that ID. ## Signing Events