Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Determine how long the ability to re-enable unauthenticated media (i.e. enable_authenticated_media: False) will be supported #17950

Open
reivilibre opened this issue Nov 20, 2024 · 15 comments
Labels

Comments

@reivilibre
Copy link
Contributor

In the future we will drop the enable_authenticated_media option, making all media access need authentication in the future.

But which version of Synapse should do this?

cc @element-hq/trust-safety @element-hq/synapse-core

@turt2live
Copy link
Member

I suggest arbitrarily waiting 2 months at minimum, making this an early 2025 thing to happen.

@clokep
Copy link
Contributor

clokep commented Nov 20, 2024

This means dropping old spec versions, correct?

@turt2live
Copy link
Member

No, it means the config flag disappears. The freeze would be enabled by default, and cannot be turned off.

@wrjlewis
Copy link
Contributor

Thanks - in which case we'd like to propose end of Feb to remove this.

@turt2live
Copy link
Member

Sounds great! I don't expect anything to come up which delays it, but will raise loudly if that changes.

@RUzOfuz5m
Copy link

I understand I might be unique but unauthenticated access to files is one of the features that I use a lot. I allow large files on my selfhosted server and send these links to other people all the time. On top of that, my experience with trying to bridge these (large) files to other tools/services I often find I hit their limits and they wont send. In this case I'll send a link instead of the file so the people on the other end still get it.

I agree that by default unauthenticated access to files is a bad thing and it shouldn't be enabled by default but to remove this all together is a bad idea.

@ShadowRZ
Copy link

@RUzOfuz5m It's at all possible to use a small proxy server to serve medias at your homeserver unauthenticated, I found no reason why unauth media support must belongs in Synapse

@Radiquum
Copy link

Radiquum commented Dec 26, 2024

@ShadowRZ well, even user avatar on matrix.to is broken now, so at least some files via some event or something, or files in public unencrypted rooms should be able to be set as available unauthenticated. Also this change broke the MSC1951, so you can't use custom stickers in element anymore, and it still not support the MSC2545 as another implementation (official app btw)

image

@ShadowRZ
Copy link

@Radiquum

Also this change broke the MSC1951, so you can't use custom stickers in element anymore (official app btw)

Element Sticker Picker are entirely unrelated to any MSC at all. While if using scalar.vector.im they might work, using https://github.com/maunium/stickerpicker (not an Element project btw) it can't work at all, likely due to Widgets API limitations which seems doesn't allow widgets to grab an auth token for auth media usage.

Also mind you provide details on how you get the screenshot you provided? I don't think it was shoted on matrix.to.

@Radiquum
Copy link

Radiquum commented Dec 26, 2024

@Radiquum

Also this change broke the MSC1951, so you can't use custom stickers in element anymore (official app btw)

Element Sticker Picker are entirely unrelated to any MSC at all. While if using scalar.vector.im they might work, using https://github.com/maunium/stickerpicker (not an Element project btw) it can't work at all, likely due to Widgets API limitations which seems doesn't allow widgets to grab an auth token for auth media usage.

that's the point, since this change all media is require auth, so custom stickers in maunium that is based off msc1951, don't load, well you can send them (maybe), but you won't see any preview of what sticker are you sending, and it is literally the only way to use custom stickers in element.

And I'm talking about element there, since it doesn't support adding custom stickers natively via rooms, like in fluffychat/cinny that are implemented the msc2545, even though seems like it will be an official implementation of stickers

@Radiquum
Copy link

Radiquum commented Dec 26, 2024

Also mind you provide details on how you get the screenshot you provided? I don't think it was shoted on matrix.to.

Also here the another screenshot

image

I mixed up the synapse auth screen with matrix.to in the previous one

@tulir
Copy link
Contributor

tulir commented Dec 26, 2024

custom stickers in maunium that is based off msc1951

Just to clarify, maunium-stickerpicker is not based on MSC1951 (nor any other MSC), it's just for element

@turt2live
Copy link
Member

Widgets (including sticker pickers) which require authenticated access to media can use matrix-org/matrix-spec-proposals#4039

The MSC was updated to handle authenticated media changes.

@ShadowRZ
Copy link

Sounds great! I don't expect anything to come up which delays it, but will raise loudly if that changes.

Actually turns out the former discussion exposed something I haven't forseen, to quote myself:

Some builtin templates used mxc_to_http Jinja function which is documented in

```python
mxc_to_http(value: str, width: int, height: int, resize_method: str = "crop") -> str
```
Turns a `mxc://` URL for media content into an HTTP(S) one using the homeserver's
`public_baseurl` configuration setting as the URL's base.

Implmented with

def _create_mxc_to_http_filter(
public_baseurl: Optional[str],
) -> Callable[[str, int, int, str], str]:
"""Create and return a jinja2 filter that converts MXC urls to HTTP
Args:
public_baseurl: The public, accessible base URL of the homeserver
"""
def mxc_to_http_filter(
value: str, width: int, height: int, resize_method: str = "crop"
) -> str:
if not public_baseurl:
raise RuntimeError(
"public_baseurl must be set in the homeserver config to convert MXC URLs to HTTP URLs."
)
if value[0:6] != "mxc://":
return ""
server_and_media_id = value[6:]
fragment = None
if "#" in server_and_media_id:
server_and_media_id, fragment = server_and_media_id.split("#", 1)
fragment = "#" + fragment
params = {"width": width, "height": height, "method": resize_method}
return "%s_matrix/media/v1/thumbnail/%s?%s%s" % (
public_baseurl,
server_and_media_id,
urllib.parse.urlencode(params),
fragment or "",
)
return mxc_to_http_filter
so looks like it returns an unauth thumb URL

I think it means builtin Synapse templates still relied on unauth media URLs, causing a defect in the screenshot posted in #17950 (comment)

@turt2live
Copy link
Member

I personally don't consider that a blocker for this work. It sounds extremely similar to #17832

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

8 participants