Open herkulessi opened 5 months ago
Citation needed, for both claims.
I see this text in the spec:
The
Content-Type
for this response SHOULD beapplication/json
, however servers parsing the response should assume that the body is JSON regardless of type.
(https://spec.matrix.org/v1.9/server-server-api/#getwell-knownmatrixserver)
I have tested it both with the matrix.org hosted version of the federation tester, as well as the federationtester built from main seconds ago, and both attested me a working federation. I tested it with my current project (which is not a real homeserver). It's hard to prove without revealing the domain, but I got the following output during testing just now:
❯ curl 'http://127.0.0.1:8080/api/federation-ok?server_name=<my.test.domain>'
GOOD
❯ curl https://<my.test.domain>/_matrix/key/v2/server -v 2>&1 | grep content-type
< content-type: application/octet-stream
I have removed the domain, as it was a very temporary setup that will not be consistently reachable anyways.
You are right, it seems like the well-known is exempt from the content-type rule (as per your quoted part of the spec), however I would argue the /_matrix/key/v2/server
endpoint would have to set a content-type of application/json.
all endpoints in this specification require the destination server to return a JSON object. Servers must include a Content-Type header of application/json for all JSON responses. (https://spec.matrix.org/v1.9/server-server-api/#api-standards)
Synapse does actually check the content-type at the key endpoint but not at the well-known endpoint.
2024-03-07 22:21:39,759 - synapse.http.federation.well_known_resolver - 197 - INFO - ServerKeyFetcher-1036- - Response from .well-known: {'m.server': '<my.test.domain>:443'}
2024-03-07 22:21:39,832 - synapse.http.matrixfederationclient - 341 - WARNING - ServerKeyFetcher-1036 - {GET-O-4890} [<my.test.domain>] Error reading response GET matrix-federation://<my.test.domain>/_matrix/key/v2/server: Failed to send request: RuntimeError: Remote server sent Content-Type header of 'application/octet-stream', not 'application/json'
sorry, the "both claims" I was referring to were that (1) the spec and (2) servers require application/json
for the .well-known
file.
I think you're right about it for /_matrix/key/v2/server
. The relevant bit of spec is here:
Servers must include a
Content-Type
header ofapplication/json
for all JSON responses.
[edit: which you already linked! sorry]
The federation tester currently doesn't check the content-type of the responses, while servers do and the Spec mandates application/json