Skip to content

Commit

Permalink
Merge pull request #3099 from matrix-org/travis/spec/MSC2801-untruste…
Browse files Browse the repository at this point in the history
…d-bodies

Sprinkle some DANGER: UNSAFE warnings over the spec about event bodies
  • Loading branch information
turt2live authored and richvdh committed Aug 23, 2021
2 parents 73969e0 + 9135a32 commit 1df3c43
Show file tree
Hide file tree
Showing 3 changed files with 25 additions and 0 deletions.
1 change: 1 addition & 0 deletions changelogs/client_server/newsfragments/3099.clarification
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Clarify that event bodies are untrusted, as per [MSC2801](https://github.com/matrix-org/matrix-doc/pull/2801).
12 changes: 12 additions & 0 deletions content/_index.md
Original file line number Diff line number Diff line change
Expand Up @@ -232,6 +232,18 @@ reserved for events defined in the Matrix specification - for instance
`m.room.message` is the event type for instant messages. Events are
usually sent in the context of a "Room".

{{% boxes/warning %}}
Event bodies are considered untrusted data. This means that any application using
Matrix must validate that the event body is of the expected shape/schema
before using the contents verbatim.

**It is not safe to assume that an event body will have all the expected
fields of the expected types.**

See [MSC2801](https://github.com/matrix-org/matrix-doc/pull/2801) for more
detail on why this assumption is unsafe.
{{% /boxes/warning %}}

### Event Graphs

Events exchanged in the context of a room are stored in a directed
Expand Down
12 changes: 12 additions & 0 deletions content/client-server-api/_index.md
Original file line number Diff line number Diff line change
Expand Up @@ -1381,6 +1381,18 @@ opaque string. No changes should be required to support the currently
available room versions.
{{% /boxes/warning %}}

{{% boxes/warning %}}
Event bodies are considered untrusted data. This means that any application using
Matrix must validate that the event body is of the expected shape/schema
before using the contents verbatim.

**It is not safe to assume that an event body will have all the expected
fields of the expected types.**

See [MSC2801](https://github.com/matrix-org/matrix-doc/pull/2801) for more
detail on why this assumption is unsafe.
{{% /boxes/warning %}}

### Types of room events

Room events are split into two categories:
Expand Down

0 comments on commit 1df3c43

Please sign in to comment.