Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2026-05-06 09:04:09 +02:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Replace outdated statement that messages are not encrypted (#2371)
Some checks are pending
Spec / 🔎 Validate OpenAPI specifications (push) Waiting to run
Details
Spec / 🔎 Check Event schema examples (push) Waiting to run
Details
Spec / 🔎 Check OpenAPI definitions examples (push) Waiting to run
Details
Spec / 🔎 Check JSON Schemas inline examples (push) Waiting to run
Details
Spec / ⚙️ Calculate baseURL for later jobs (push) Waiting to run
Details
Spec / 🐍 Build OpenAPI definitions (push) Blocked by required conditions
Details
Spec / 📢 Run towncrier for changelog (push) Waiting to run
Details
Spec / 📖 Build the spec (push) Blocked by required conditions
Details
Spec / 🔎 Validate generated HTML (push) Blocked by required conditions
Details
Spec / 📖 Build the historical backup spec (push) Blocked by required conditions
Details
Spec / Create release (push) Blocked by required conditions
Details
Spell Check / Spell Check with Typos (push) Waiting to run
Details

Browse source 
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
This commit is contained in:
Kévin Commaille 2026-05-05 01:05:38 +02:00 committed by GitHub
parent 31aa625a2a
commit 0baab558ed
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
changelogs/client_server/newsfragments/2371.clarification Normal file
View file

@ -0,0 +1 @@
Clarify that room messages can be encrypted.

3
content/client-server-api/modules/instant_messaging.md
View file

@ -454,8 +454,7 @@ status code of 400.
#### Security considerations
Messages sent using this module are not encrypted, although end to end
encryption is in development (see [E2E module](#end-to-end-encryption)).
Messages sent using this module MAY be encrypted, see [End-to-End Encryption](#end-to-end-encryption).
Clients should sanitise **all displayed keys** for unsafe HTML to
prevent Cross-Site Scripting (XSS) attacks. This includes room names and