synapse

mirrors/synapse

Fork 0

mirror of https://github.com/element-hq/synapse.git synced 2025-03-12 10:56:50 +00:00

Commit graph

Author	SHA1	Message	Date
Quentin Gliech	b9276e21ee	Fix MSC4108 'rendez-vous' responses with some reverse proxy in the front of Synapse (#18178 ) MSC4108 relies on ETag to determine if something has changed on the rendez-vous channel. Strong and correct ETag comparison works if the response body is bit-for-bit identical, which isn't the case if a proxy in the middle compresses the response on the fly. This adds a `no-transform` directive to the `Cache-Control` header, which tells proxies not to transform the response body. Additionally, some proxies (nginx) will switch to `Transfer-Encoding: chunked` if it doesn't know the Content-Length of the response, and 'weakening' the ETag if that's the case. I've added `Content-Length` headers to all responses, to hopefully solve that. This basically fixes QR-code login when nginx or cloudflare is involved, with gzip/zstd/deflate compression enabled.	2025-02-25 11:34:33 +01:00

Author

SHA1

Message

Date

Quentin Gliech

b9276e21ee

Fix MSC4108 'rendez-vous' responses with some reverse proxy in the front of Synapse (#18178 )

MSC4108 relies on ETag to determine if something has changed on the
rendez-vous channel.
Strong and correct ETag comparison works if the response body is
bit-for-bit identical, which isn't the case if a proxy in the middle
compresses the response on the fly.

This adds a `no-transform` directive to the `Cache-Control` header,
which tells proxies not to transform the response body.

Additionally, some proxies (nginx) will switch to `Transfer-Encoding:
chunked` if it doesn't know the Content-Length of the response, and
'weakening' the ETag if that's the case. I've added `Content-Length`
headers to all responses, to hopefully solve that.

This basically fixes QR-code login when nginx or cloudflare is involved,
with gzip/zstd/deflate compression enabled.

2025-02-25 11:34:33 +01:00

1 commit