Add a matrix_synapse_url_preview_ip_range_blacklist variable

This commit is contained in:
Slavi Pantaleev 2025-02-21 22:21:06 +02:00
parent f24c045393
commit d9eabc49e6
2 changed files with 27 additions and 22 deletions

View File

@ -750,10 +750,34 @@ matrix_synapse_password_providers_enabled: false
# to load message content directly from the homeserver. # to load message content directly from the homeserver.
matrix_synapse_push_include_content: true matrix_synapse_push_include_content: true
# If url previews should be generated. This will cause a request from Synapse to # If url previews should be generated. This will cause a request from Synapse to URLs shared by users.
# URLs shared by users. # Also see `matrix_synapse_url_preview_ip_range_blacklist`.
matrix_synapse_url_preview_enabled: true matrix_synapse_url_preview_enabled: true
# List of IP address CIDR ranges that the URL preview spider is denied from accessing.
# Note: The value is ignored when an HTTP proxy is in use
# See the comment about this setting in `templates/synapse/homeserver.yaml.j2` for more details.
matrix_synapse_url_preview_ip_range_blacklist:
- '127.0.0.0/8'
- '10.0.0.0/8'
- '172.16.0.0/12'
- '192.168.0.0/16'
- '100.64.0.0/10'
- '192.0.0.0/24'
- '169.254.0.0/16'
- '192.88.99.0/24'
- '198.18.0.0/15'
- '192.0.2.0/24'
- '198.51.100.0/24'
- '203.0.113.0/24'
- '224.0.0.0/4'
- '::1/128'
- 'fe80::/10'
- 'fc00::/7'
- '2001:db8::/32'
- 'ff00::/8'
- 'fec0::/10'
# A list of values for the Accept-Language HTTP header used when downloading webpages during URL preview generation # A list of values for the Accept-Language HTTP header used when downloading webpages during URL preview generation
matrix_url_preview_accept_language: ['en-US', 'en'] matrix_url_preview_accept_language: ['en-US', 'en']

View File

@ -1131,26 +1131,7 @@ url_preview_enabled: {{ matrix_synapse_url_preview_enabled|to_json }}
# #
# Note: The value is ignored when an HTTP proxy is in use # Note: The value is ignored when an HTTP proxy is in use
# #
url_preview_ip_range_blacklist: url_preview_ip_range_blacklist: {{ matrix_synapse_url_preview_ip_range_blacklist | to_json }}
- '127.0.0.0/8'
- '10.0.0.0/8'
- '172.16.0.0/12'
- '192.168.0.0/16'
- '100.64.0.0/10'
- '192.0.0.0/24'
- '169.254.0.0/16'
- '192.88.99.0/24'
- '198.18.0.0/15'
- '192.0.2.0/24'
- '198.51.100.0/24'
- '203.0.113.0/24'
- '224.0.0.0/4'
- '::1/128'
- 'fe80::/10'
- 'fc00::/7'
- '2001:db8::/32'
- 'ff00::/8'
- 'fec0::/10'
# List of IP address CIDR ranges that the URL preview spider is allowed # List of IP address CIDR ranges that the URL preview spider is allowed
# to access even if they are specified in url_preview_ip_range_blacklist. # to access even if they are specified in url_preview_ip_range_blacklist.