
Set Referrer-Policy to no-referrer for media (#7009)

Dionysis Grigoropoulos 4 years ago
parent
commit
96071eea8f
2 changed files with 4 additions and 0 deletions
  1. 1 0
      changelog.d/7009.feature
  2. 3 0
      synapse/rest/media/v1/download_resource.py

+ 1 - 0
changelog.d/7009.feature

@@ -0,0 +1 @@
+Set `Referrer-Policy` header to `no-referrer` on media downloads.

+ 3 - 0
synapse/rest/media/v1/download_resource.py

@@ -50,6 +50,9 @@ class DownloadResource(DirectServeResource):
             b" media-src 'self';"
             b" object-src 'self';",
         )
+        request.setHeader(
+            b"Referrer-Policy", b"no-referrer",
+        )
         server_name, media_id, name = parse_media_id(request)
         if server_name == self.server_name:
             await self.media_repo.get_local_media(request, media_id, name)
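Review bot: The new `request.setHeader(` call for `Referrer-Policy` has no comment saying what it protects against, so a later cleanup could drop it without realising it is a privacy control. A line such as `# Don't leak the media URL (server name and media ID) via the Referer header when served content links elsewhere` above the call would record the intent. The header is set only on this download path; if other resources also serve user-uploaded media (thumbnails, for example, which this commit does not show), they would presumably want the same header, ideally set next to what looks like the Content-Security-Policy value above so the two cannot drift apart. The call also fits on one line as `request.setHeader(b"Referrer-Policy", b"no-referrer")`. The enclosing method starts above the hunk and continues below it.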