Media redirect target URL gets modified by Element Desktop #1924
Labels
O-Uncommon
Most users are unlikely to come across this or unexpected workflow
S-Minor
Impairs non-critical functionality or suitable workarounds exist
T-Defect
This code seems to replace the string
/_matrix/media/v3/
in media URLs with/_matrix/client/v1/media/
:element-desktop/src/media-auth.ts
Line 68 in 6c78684
This URL modification, however, seems to also apply to the target of HTTP redirects.
It doesn't appear that Element Web has this same behavior.
Since we run matrix-media-repo on a separate domain, without media authentication, we have been using a redirect from
https://<synapse>/_matrix/client/v1/media/
tohttps://<matrix-media-repo>/_matrix/media/v3/
.The target URL being modified by Element Desktop went unnoticed by us until now, when Element Desktop 1.11.81 stopped sending the access token, and highlighted this issue.
(Our intention all along was to redirect to matrix-media-repo's unauthenticated endpoint, but Element Desktop has been rewriting it to the authenticated endpoint)
This URL rewriting behavior is certainly not part of the specification, and our setup doesn't seem that unreasonable. Maybe its inclusion in the code should be reconsidered.
The text was updated successfully, but these errors were encountered: