diff options
| author | Neil Alexander <neilalexander@users.noreply.github.com> | 2022-04-08 10:46:23 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-04-08 10:46:23 +0100 |
| commit | b8c97431b9baa59fed4d044cbff7d609ab2fd9cb (patch) | |
| tree | e9c6f149d7e101c9e85a327aa32143e6cb8b0811 /clientapi | |
| parent | 63b7c3da463a23e25146107760720e08a8c96f0f (diff) | |
Prevent setting push rules via account data endpoint (#2333)
Diffstat (limited to 'clientapi')
| -rw-r--r-- | clientapi/routing/account_data.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/clientapi/routing/account_data.go b/clientapi/routing/account_data.go index 9399fd0b..d0dd3ab8 100644 --- a/clientapi/routing/account_data.go +++ b/clientapi/routing/account_data.go @@ -95,10 +95,10 @@ func SaveAccountData( } } - if dataType == "m.fully_read" { + if dataType == "m.fully_read" || dataType == "m.push_rules" { return util.JSONResponse{ Code: http.StatusForbidden, - JSON: jsonerror.Forbidden("Unable to set read marker"), + JSON: jsonerror.Forbidden(fmt.Sprintf("Unable to modify %q using this API", dataType)), } } |