You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The ntfy (https://ntfy.sh/) server implements authentication and ACLs to secure its push messages.
Matrix Synapse homeserver currently supports it well, but without authentication.
The ntfy configuration (https://docs.ntfy.sh/config/?h=access#access-control-list-acl) manual states that administrator could allow anonymous (everyone/) to have write access to "up*" topics while having auth-default-access: "deny-all" to mitigate this problem.
Have synapse developers considered this issue, like allowing configured credentials for ntfy server, or should this problem be addressed otherwise, like the Element X client announcing to synapse which credentials synapse should use to notify with?
Maybe this is a non-issue for most people. I just got curious ...
The text was updated successfully, but these errors were encountered:
The ntfy (https://ntfy.sh/) server implements authentication and ACLs to secure its push messages.
Matrix Synapse homeserver currently supports it well, but without authentication.
The ntfy configuration (https://docs.ntfy.sh/config/?h=access#access-control-list-acl) manual states that administrator could allow anonymous (everyone/) to have write access to "up*" topics while having
auth-default-access: "deny-all"to mitigate this problem.A user expressed this issue at binwiederhier/ntfy#1034
Have synapse developers considered this issue, like allowing configured credentials for ntfy server, or should this problem be addressed otherwise, like the Element X client announcing to synapse which credentials synapse should use to notify with?
Maybe this is a non-issue for most people. I just got curious ...
The text was updated successfully, but these errors were encountered: