From ff7f02d5dcab3f29044b35bcaa93f8456b8d8655 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Thu, 25 Nov 2021 16:39:03 +0000 Subject: [PATCH] Add HTTP 403 to possible profile responses Some servers may not allow profile lookup over federation, and thus respond to GET /_matrix/client/v3/profile/{userId} with an HTTP 403. For example, Synapse can be configured to behave in this way by setting: allow_profile_lookup_over_federation=false Thus, this behavior already exists in the wild, and may cause issues for clients such as https://github.com/vector-im/element-web/issues/17269. Synapse could alter its behavior and return an HTTP 404 in these cases, but amending the Spec seems preferable to align with extant behavior. Further, allowing HTTP 403 gives clients more specific information as to why a request has failed, enabling more precise error handling. Signed-off-by: Dan Callahan --- changelogs/client_server/newsfragments/3530.clarification | 1 + data/api/client-server/profile.yaml | 2 ++ 2 files changed, 3 insertions(+) create mode 100644 changelogs/client_server/newsfragments/3530.clarification diff --git a/changelogs/client_server/newsfragments/3530.clarification b/changelogs/client_server/newsfragments/3530.clarification new file mode 100644 index 00000000000..c629ceaf6ec --- /dev/null +++ b/changelogs/client_server/newsfragments/3530.clarification @@ -0,0 +1 @@ +Document that servers may respond with an HTTP 403 to GET /_matrix/client/v3/profile/{userId}. diff --git a/data/api/client-server/profile.yaml b/data/api/client-server/profile.yaml index e0a4c50d468..48f72dd67fd 100644 --- a/data/api/client-server/profile.yaml +++ b/data/api/client-server/profile.yaml @@ -211,6 +211,8 @@ paths: displayname: type: string description: The user's display name if they have set one, otherwise not present. + 403: + description: The server is unwilling to disclose whether the user exists and/or has profile information. 404: description: There is no profile information for this user or this user does not exist. tags: