From c4e54509dbc9e2883b95325ddac9cafc2273273f Mon Sep 17 00:00:00 2001
From: David Robertson <davidr@element.io>
Date: Mon, 23 May 2022 18:22:33 +0100
Subject: [PATCH] PDU check 5 should consult state before an event (#1070)

---
 changelogs/server_server/newsfragments/1070.clarification | 1 +
 content/server-server-api.md                              | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/server_server/newsfragments/1070.clarification

diff --git a/changelogs/server_server/newsfragments/1070.clarification b/changelogs/server_server/newsfragments/1070.clarification
new file mode 100644
index 00000000..6661503e
--- /dev/null
+++ b/changelogs/server_server/newsfragments/1070.clarification
@@ -0,0 +1 @@
+Clarify that checks on PDUs should refer to the state _before_ an event.
diff --git a/content/server-server-api.md b/content/server-server-api.md
index 991806af..24b6a889 100644
--- a/content/server-server-api.md
+++ b/content/server-server-api.md
@@ -364,7 +364,7 @@ server must ensure that the event:
     further.
 4.  Passes authorization rules based on the event's auth events,
     otherwise it is rejected.
-5.  Passes authorization rules based on the state at the event,
+5.  Passes authorization rules based on the state before the event,
     otherwise it is rejected.
 6.  Passes authorization rules based on the current state of the room,
     otherwise it is "soft failed".