Forwarding a reply event to another room will leak the reply text, and via servers #14824
Comments
|
It is just following the spec? Shouldn't this be in matrix-doc? https://matrix.org/docs/spec/client_server/r0.6.1#fallbacks-and-event-representation |
|
Well, it's still a leak so I'd like to document the unsafe nature of the feature in here regardless, but we should probably open something on matrix-doc too. I should mention that the spec doesn't require |
|
Hmm, thinking about it a bit more... I don't think the spec mandates that you are required to keep the reply format at all when handling forwarded messages, since the spec doesn't describe event forwarding at all (yet). Presumably even just forwarding the reply content to a room would be safer than what we have today. |
|
Duplicate of https://github.com/matrix-org/matrix-doc/issues/1654 |
If the participants of room B are not in room A, they will still see the replied to sender, body and via servers in the event source. It's not particularly sporting of Element to do this as the UI just shows a
Unable to load event that was replied to, it either does not exist or you do not have permission to view it..In this case it's particularly annoying because some of the via servers should probably have remained private...
The text was updated successfully, but these errors were encountered: