kaslo/synapse
1
0
Fork 0
Code Packages Releases 124 Wiki Activity

Return 400 when canonical_alias content invalid (#19240)

Browse Source 
Fixes #19198

Returns HTTP 400 when `alias` or `alt_alias` inside of
`m.room.canonical_alias` `content` are not of type string.
Previously this resulted in HTTP 500 errors as Synapse assumed they were
strings and would raise an exception when it tried to treat them as such
if they actually weren't.

With the changes implemented:
<img width="800" height="616" alt="Screenshot from 2025-11-28 16-48-06"
src="https://github.com/user-attachments/assets/1333a4b3-7b4f-435f-bbff-f48870bc4d96"
/>
<img width="800" height="316" alt="Screenshot from 2025-11-28 16-47-42"
src="https://github.com/user-attachments/assets/5928abf8-88a2-4bd9-9420-9a1f743f66f5"
/>

### Pull Request Checklist

<!-- Please read
https://element-hq.github.io/synapse/latest/development/contributing_guide.html
before submitting your pull request -->

* [X] Pull request is based on the develop branch
* [X] Pull request includes a [changelog
file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog).
The entry should:
- Be a short description of your change which makes sense to users.
"Fixed a bug that prevented receiving messages from other servers."
instead of "Moved X method from `EventStore` to `EventWorkerStore`.".
  - Use markdown where necessary, mostly for `code blocks`.
  - End with either a period (.) or an exclamation mark (!).
  - Start with a capital letter.
- Feel free to credit yourself, by adding a sentence "Contributed by
@github_username." or "Contributed by [Your Name]." to the end of the
entry.
* [X] [Code
style](https://element-hq.github.io/synapse/latest/code_style.html) is
correct (run the
[linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
This commit is contained in:
Devon Hudson
2025-12-01 15:24:26 +00:00
committed by GitHub
parent 1bddd25a85
commit 119f02e3b3
3 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
changelog.d/19240.bugfix Normal file
View File

@@ -0,0 +1 @@
Fix bug where invalid `canonical_alias` content would return 500 instead of 400.

12
synapse/handlers/message.py
View File

@@ -1955,6 +1955,12 @@ class EventCreationHandler:
room_alias_str = event.content.get("alias", None) room_alias_str = event.content.get("alias", None)
directory_handler = self.hs.get_directory_handler() directory_handler = self.hs.get_directory_handler()
if room_alias_str and room_alias_str != original_alias: if room_alias_str and room_alias_str != original_alias:
if not isinstance(room_alias_str, str):
raise SynapseError(
400,
"The alias must be of type string.",
Codes.INVALID_PARAM,
)
await self._validate_canonical_alias( await self._validate_canonical_alias(
directory_handler, room_alias_str, event.room_id directory_handler, room_alias_str, event.room_id
) )
@@ -1978,6 +1984,12 @@ class EventCreationHandler:
new_alt_aliases = set(alt_aliases) - set(original_alt_aliases) new_alt_aliases = set(alt_aliases) - set(original_alt_aliases)
if new_alt_aliases: if new_alt_aliases:
for alias_str in new_alt_aliases: for alias_str in new_alt_aliases:
if not isinstance(alias_str, str):
raise SynapseError(
400,
"Each alt_alias must be of type string.",
Codes.INVALID_PARAM,
)
await self._validate_canonical_alias( await self._validate_canonical_alias(
directory_handler, alias_str, event.room_id directory_handler, alias_str, event.room_id
) )

2
tests/rest/client/test_rooms.py
View File

@@ -3880,9 +3880,11 @@ class RoomCanonicalAliasTestCase(unittest.HomeserverTestCase):
self._set_canonical_alias({"alt_aliases": False}, expected_code=400) self._set_canonical_alias({"alt_aliases": False}, expected_code=400)
self._set_canonical_alias({"alt_aliases": True}, expected_code=400) self._set_canonical_alias({"alt_aliases": True}, expected_code=400)
self._set_canonical_alias({"alt_aliases": {}}, expected_code=400) self._set_canonical_alias({"alt_aliases": {}}, expected_code=400)
self._set_canonical_alias({"alt_aliases": [0]}, expected_code=400)
def test_bad_alias(self) -> None: def test_bad_alias(self) -> None:
"""An alias which does not point to the room raises a SynapseError.""" """An alias which does not point to the room raises a SynapseError."""
self._set_canonical_alias({"alias": {"@unknown:test": "a"}}, expected_code=400)
self._set_canonical_alias({"alias": "@unknown:test"}, expected_code=400) self._set_canonical_alias({"alias": "@unknown:test"}, expected_code=400)
self._set_canonical_alias({"alt_aliases": ["@unknown:test"]}, expected_code=400) self._set_canonical_alias({"alt_aliases": ["@unknown:test"]}, expected_code=400)