Document the checks made for incoming PDUs

pull/977/head
Erik Johnston 6 years ago
parent 0f7e285f15
commit ee9c010c37

@ -334,8 +334,22 @@ Authorization of PDUs
~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~
Whenever a server receives an event from a remote server, the receiving server Whenever a server receives an event from a remote server, the receiving server
must check that the event is allowed by the authorization rules. These rules must ensure that the event:
depend on the state of the room at that event.
1. Is a valid event, otherwise it is dropped
2. Passes signature checks, otherwise it is dropped.
3. Passes hash checks, otherwise it is redacted before being processed
further.
4. Passes authorization rules based on the event's auth events, otherwise it
is rejected.
5. Passes authorization rules based on the state at the event, otherwise it
is rejected.
6. Passes auth rules based on the current state of the room, otherwise it
is "soft failed".
Further details of these checks, and how to handle failures, are described
below.
Definitions Definitions
+++++++++++ +++++++++++

Loading…
Cancel
Save