Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2026-03-26 13:04:10 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse source
This commit is contained in:
Travis Ralston 2022-05-30 15:30:30 -06:00 committed by GitHub
parent 972ccbd927
commit 88e81a5eb9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
content/server-server-api.md
View file

@ -292,13 +292,13 @@ def authorization_headers(origin_name, origin_signing_key,
``` ```
The format of the Authorization header is given in The format of the Authorization header is given in
[RFC7235](https://datatracker.ietf.org/doc/html/rfc7235#section-2.1). In [RFC 7235](https://datatracker.ietf.org/doc/html/rfc7235#section-2.1). In
summary, the header begins with authorization scheme `X-Matrix`, followed by summary, the header begins with authorization scheme `X-Matrix`, followed by
one or more spaces, followed by a comma-separated list of parameters written as one or more spaces, followed by a comma-separated list of parameters written as
name=value pairs. The names are case insensitive and order does not matter. The name=value pairs. The names are case insensitive and order does not matter. The
values must be enclosed in quotes if they contain characters that are not values must be enclosed in quotes if they contain characters that are not
allowed in `token`s, as defined in allowed in `token`s, as defined in
[RFC7230](https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.6); if a [RFC 7230](https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.6); if a
value is a valid `token`, it may or may not be enclosed in quotes. Quoted value is a valid `token`, it may or may not be enclosed in quotes. Quoted
values may include backslash-escaped characters. When parsing the header, the values may include backslash-escaped characters. When parsing the header, the
recipient must unescape the characters. That is, a backslash-character pair is recipient must unescape the characters. That is, a backslash-character pair is
@ -319,7 +319,7 @@ The authorization parameters to include are:
- `destination`: {{< added-in v="1.3" >}} the server name of the receiving - `destination`: {{< added-in v="1.3" >}} the server name of the receiving
sender. This is the same as the `destination` field from the JSON described sender. This is the same as the `destination` field from the JSON described
in step 1. For compatibility with older servers, recipients should accept in step 1. For compatibility with older servers, recipients should accept
requests without this parameter, but should always send it. If this property requests without this parameter, but MUST always send it. If this property
is included, but the value does not match the receiving server's name, the is included, but the value does not match the receiving server's name, the
receiving server must deny the request with an HTTP status code 401 receiving server must deny the request with an HTTP status code 401
Unauthorized. Unauthorized.