This commit is contained in:
Hagen 2026-06-25 15:55:01 +02:00 committed by GitHub
commit e661ec9202
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 9 additions and 1 deletions

View file

@ -0,0 +1 @@
Clients are now supposed to follow 30x redirects from `/.well-known/matrix/client` as per [MSC4402](https://github.com/matrix-org/matrix-spec-proposals/pull/4402).

View file

@ -429,6 +429,7 @@ Instead, they can be reached via HTTPS on the [server name](/appendices/#server-
Servers hosting the `.well-known` JSON file SHOULD offer CORS headers, Servers hosting the `.well-known` JSON file SHOULD offer CORS headers,
as per the [CORS](#web-browser-clients) section in this specification. as per the [CORS](#web-browser-clients) section in this specification.
{{% added-in v="1.19" %}} Servers SHOULD also ensure that each 30x redirect, if any, offers such CORS headers.
{{% /boxes/note %}} {{% /boxes/note %}}
The flow for auto-discovery is as follows: The flow for auto-discovery is as follows:
@ -437,6 +438,7 @@ The flow for auto-discovery is as follows:
Matrix ID at the first colon. Matrix ID at the first colon.
2. Extract the hostname from the server name as described by the [grammar](/appendices/#server-name). 2. Extract the hostname from the server name as described by the [grammar](/appendices/#server-name).
3. Make a GET request to `https://hostname/.well-known/matrix/client`. 3. Make a GET request to `https://hostname/.well-known/matrix/client`.
{{% added-in v="1.19" %}} 30x redirects SHOULD be followed, however redirection loops should be avoided.
1. If the returned status code is 404, then `IGNORE`. 1. If the returned status code is 404, then `IGNORE`.
2. If the returned status code is not 200, or the response body is 2. If the returned status code is not 200, or the response body is
empty, then `FAIL_PROMPT`. empty, then `FAIL_PROMPT`.

View file

@ -1,4 +1,5 @@
# Copyright 2018 New Vector Ltd # Copyright 2018 New Vector Ltd
# Copyright 2026 Hagen Echzell
# #
# Licensed under the Apache License, Version 2.0 (the "License"); # Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License. # you may not use this file except in compliance with the License.
@ -20,7 +21,11 @@ paths:
get: get:
summary: Gets Matrix server discovery information about the domain. summary: Gets Matrix server discovery information about the domain.
description: |- description: |-
Gets discovery information about the domain. The file may include Gets discovery information about the domain.
{{% added-in v="1.19" %}} Clients SHOULD follow 30x redirects, carefully
avoiding redirect loops, and use normal X.509 certificate validation.
The file may include
additional keys, which MUST follow the Java package naming convention, additional keys, which MUST follow the Java package naming convention,
e.g. `com.example.myapp.property`. This ensures property names are e.g. `com.example.myapp.property`. This ensures property names are
suitably namespaced for each application and reduces the risk of suitably namespaced for each application and reduces the risk of