Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support .well-known in the way the spec says #479

Open
aaronraimist opened this issue Aug 29, 2021 · 3 comments · May be fixed by #810
Open

Support .well-known in the way the spec says #479

aaronraimist opened this issue Aug 29, 2021 · 3 comments · May be fixed by #810
Labels
minor

Comments

@aaronraimist
Copy link

Hydrogen has now implemented Element's newish style of doing .well-known which is great but that isn't how the spec says .well-known works. It would be good to support both methods.

The spec says .well-known works by having the user enter their full username (as in @user:server.com) and then the client sends the .well-known request to the server name that appears after the colon. https://spec.matrix.org/unstable/client-server-api/#well-known-uri
@bwindels
Copy link
Contributor

bwindels commented Aug 30, 2021
edited
Loading

Interesting this is mentioned specifically in the spec (I hadn't noticed) as I would consider this more a UX choice up to the discretion of each client. Any particular reason you prefer this over the current way of entering the server?

@bwindels bwindels added the minor label Aug 30, 2021
@aaronraimist
Copy link
Author

I believe the reason it’s in the spec is for security.

If a user thinks “oh this client supports .well-known” they might go and type @bob:company.com and their password in right now and click Sign in without manually changing the homeserver. That would mean they just sent their username and password to the default server. I’m sure matrix.org isn’t intentionally collecting that but it still doesn’t mean it is a good idea to have these plaintext passwords being sent to the wrong server.

@bwindels
Copy link
Contributor

Ah, I see. Well, it would definitely make sense to change the homeserver if a people enter a user id with a server in the user field.

@Kaki-In Kaki-In linked a pull request Jul 26, 2022 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
minor
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Detect home server from matrix id Kaki-In/hydrogen-web
2 participants
@bwindels @aaronraimist