105 lines
3.6 KiB
YAML
105 lines
3.6 KiB
YAML
# Is the preview URL API enabled?
|
|
#
|
|
# 'false' by default: uncomment the following to enable it (and specify a
|
|
# url_preview_ip_range_blacklist blacklist).
|
|
#
|
|
url_preview_enabled: true
|
|
|
|
# List of IP address CIDR ranges that the URL preview spider is denied
|
|
# from accessing. There are no defaults: you must explicitly
|
|
# specify a list for URL previewing to work. You should specify any
|
|
# internal services in your network that you do not want synapse to try
|
|
# to connect to, otherwise anyone in any Matrix room could cause your
|
|
# synapse to issue arbitrary GET requests to your internal services,
|
|
# causing serious security issues.
|
|
#
|
|
# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
|
|
# listed here, since they correspond to unroutable addresses.)
|
|
#
|
|
# This must be specified if url_preview_enabled is set. It is recommended that
|
|
# you uncomment the following list as a starting point.
|
|
#
|
|
url_preview_ip_range_blacklist:
|
|
- '127.0.0.0/8'
|
|
- '10.0.0.0/8'
|
|
- '172.16.0.0/12'
|
|
- '192.168.0.0/16'
|
|
- '100.64.0.0/10'
|
|
- '169.254.0.0/16'
|
|
- '::1/128'
|
|
- 'fe80::/64'
|
|
- 'fc00::/7'
|
|
|
|
# List of IP address CIDR ranges that the URL preview spider is allowed
|
|
# to access even if they are specified in url_preview_ip_range_blacklist.
|
|
# This is useful for specifying exceptions to wide-ranging blacklisted
|
|
# target IP ranges - e.g. for enabling URL previews for a specific private
|
|
# website only visible in your network.
|
|
#
|
|
#url_preview_ip_range_whitelist:
|
|
# - '192.168.1.1'
|
|
|
|
# Optional list of URL matches that the URL preview spider is
|
|
# denied from accessing. You should use url_preview_ip_range_blacklist
|
|
# in preference to this, otherwise someone could define a public DNS
|
|
# entry that points to a private IP address and circumvent the blacklist.
|
|
# This is more useful if you know there is an entire shape of URL that
|
|
# you know that will never want synapse to try to spider.
|
|
#
|
|
# Each list entry is a dictionary of url component attributes as returned
|
|
# by urlparse.urlsplit as applied to the absolute form of the URL. See
|
|
# https://docs.python.org/2/library/urlparse.html#urlparse.urlsplit
|
|
# The values of the dictionary are treated as an filename match pattern
|
|
# applied to that component of URLs, unless they start with a ^ in which
|
|
# case they are treated as a regular expression match. If all the
|
|
# specified component matches for a given list item succeed, the URL is
|
|
# blacklisted.
|
|
#
|
|
url_preview_url_blacklist:
|
|
# blacklist any URL with a username in its URI
|
|
- username: '*'
|
|
#
|
|
# # blacklist all *.google.com URLs
|
|
# - netloc: 'google.com'
|
|
# - netloc: '*.google.com'
|
|
#
|
|
# # blacklist all plain HTTP URLs
|
|
# - scheme: 'http'
|
|
#
|
|
# # blacklist http(s)://www.acme.com/foo
|
|
# - netloc: 'www.acme.com'
|
|
# path: '/foo'
|
|
#
|
|
# # blacklist any URL with a literal IPv4 address
|
|
# - netloc: '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'
|
|
|
|
# The largest allowed URL preview spidering size in bytes
|
|
#
|
|
#max_spider_size: 10M
|
|
|
|
# A list of values for the Accept-Language HTTP header used when
|
|
# downloading webpages during URL preview generation. This allows
|
|
# Synapse to specify the preferred languages that URL previews should
|
|
# be in when communicating with remote servers.
|
|
#
|
|
# Each value is a IETF language tag; a 2-3 letter identifier for a
|
|
# language, optionally followed by subtags separated by '-', specifying
|
|
# a country or region variant.
|
|
#
|
|
# Multiple values can be provided, and a weight can be added to each by
|
|
# using quality value syntax (;q=). '*' translates to any language.
|
|
#
|
|
# Defaults to "en".
|
|
#
|
|
# Example:
|
|
#
|
|
# url_preview_accept_language:
|
|
# - en-UK
|
|
# - en-US;q=0.9
|
|
# - fr;q=0.8
|
|
# - *;q=0.7
|
|
#
|
|
url_preview_accept_language:
|
|
- ru
|
|
- en;q=0.9
|