|
@@ -558,14 +558,14 @@ time.
|
|
|
URL Previews
|
|
|
============
|
|
|
|
|
|
-Synapse 0.15.0 introduces an experimental new API for previewing URLs at
|
|
|
-/_matrix/media/r0/preview_url. This is disabled by default. To turn it on
|
|
|
-you must enable the `url_preview_enabled: True` config parameter and explicitly
|
|
|
-specify the IP ranges that Synapse is not allowed to spider for previewing in
|
|
|
-the `url_preview_ip_range_blacklist` configuration parameter. This is critical
|
|
|
-from a security perspective to stop arbitrary Matrix users spidering 'internal'
|
|
|
-URLs on your network. At the very least we recommend that your loopback and
|
|
|
-RFC1918 IP addresses are blacklisted.
|
|
|
+Synapse 0.15.0 introduces a new API for previewing URLs at
|
|
|
+``/_matrix/media/r0/preview_url``. This is disabled by default. To turn it on
|
|
|
+you must enable the ``url_preview_enabled: True`` config parameter and
|
|
|
+explicitly specify the IP ranges that Synapse is not allowed to spider for
|
|
|
+previewing in the ``url_preview_ip_range_blacklist`` configuration parameter.
|
|
|
+This is critical from a security perspective to stop arbitrary Matrix users
|
|
|
+spidering 'internal' URLs on your network. At the very least we recommend that
|
|
|
+your loopback and RFC1918 IP addresses are blacklisted.
|
|
|
|
|
|
This also requires the optional lxml and netaddr python dependencies to be
|
|
|
installed.
|
|
@@ -579,7 +579,7 @@ server, they can request a password-reset token via clients such as Vector.
|
|
|
|
|
|
A manual password reset can be done via direct database access as follows.
|
|
|
|
|
|
-First calculate the hash of the new password:
|
|
|
+First calculate the hash of the new password::
|
|
|
|
|
|
$ source ~/.synapse/bin/activate
|
|
|
$ ./scripts/hash_password
|
|
@@ -587,7 +587,7 @@ First calculate the hash of the new password:
|
|
|
Confirm password:
|
|
|
$2a$12$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
|
|
|
|
|
-Then update the `users` table in the database:
|
|
|
+Then update the `users` table in the database::
|
|
|
|
|
|
UPDATE users SET password_hash='$2a$12$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
|
|
|
WHERE name='@test:test.com';
|