"Never send encrypted messages to unverified devices in this room from this device" seems to be ignored if enabled #9235

Closed
r4dh4l opened this issue Mar 21, 2019 · 2 comments
Assignees
Labels
A-E2EE P1 S-Critical Prevents work, causes data loss and/or has no workaround T-Defect

Comments

r4dh4l commented Mar 21, 2019

Description

If I enable the security option "Never send encrypted messages to unverified devices in this room from this device" for an encrypted room I can choose "send anyway" in the "unknown devices" warning and the message will be sent.

Steps to reproduce

  1. Enable encryption for a room.
  2. Enable "Never send encrypted messages to unverified devices in this room from this device" for this room.
  3. Send a message. There should be an "unknown devices" warning. Choose "send anyway".

Describe how what happens differs from what you expected.

The message should not be sent. There should be an info message instead saying something like:

"You have activated "Never send encrypted messages to unverified devices in this room from this device" in the security settings of this room and have not verified any recipients' devices. Verify at least one recipient device to allow Riot to deliver your message to verified devices."

Version information

  • Platform: desktop

For the desktop app:

  • OS: GNU/Linux Debian
  • Version: 1.0.4

Edit: I have to correct my issue description a little bit although the given issue description is not wrong: Messages sent via "send anyway" are shown as "Unable to decrypt: The sender's device has not sent us the keys for this message.".
After I verified the fingerprint of the recipient's device the message was readable for the recipient. So the bug seems unfortunately not to be a security problem but anyway very irritating (a message in such a room shouldn't be delivered at all).

turt2live added P1 S-Critical Prevents work, causes data loss and/or has no workaround A-E2EE 🔥 Fire 🔥 labels Mar 21, 2019
turt2live self-assigned this Mar 22, 2019
turt2live added a commit to matrix-org/matrix-react-sdk that referenced this issue Mar 22, 2019
Fixes element-hq/element-web#9235

The global option in user settings is unaffected by this bug. Users who have previously set the per-room flag without success can simply refresh the page and the change will be picked up. The bug here is that the current session would not update accordingly, however.

Introduced in #2523
@turt2live
Member

This ultimately only affects the per-room option. The global option works fine. Refreshing the page after setting the flag does do the right thing, however the current session was not affected.

Introduced in matrix-org/matrix-react-sdk#2523 and fixed by matrix-org/matrix-react-sdk#2817
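
The behaviour described in the comment above (the per-room flag is stored, but the running session keeps its old value until a refresh) can be modelled as follows. This is an added example, not code from Riot or matrix-react-sdk; `SettingsStore`, `CryptoSession`, and the sample room and device IDs are hypothetical.

```javascript
// Simplified model with hypothetical names; not Riot / matrix-react-sdk code.
class SettingsStore {
  constructor() { this.values = new Map(); this.watchers = []; }
  get(roomId) { return this.values.get(roomId) === true; }
  set(roomId, value) {
    this.values.set(roomId, value);            // persisted: survives a reload
    for (const notify of this.watchers) notify(roomId, value);
  }
  watch(fn) { this.watchers.push(fn); }
}

class CryptoSession {
  // live=false models the defect: flags are read once, when the session starts.
  constructor(store, roomIds, { live }) {
    this.blacklist = new Map(roomIds.map((id) => [id, store.get(id)]));
    if (live) store.watch((id, value) => this.blacklist.set(id, value));
  }
  // IDs of the devices that would receive the message key for this room.
  keyRecipients(roomId, devices) {
    if (!this.blacklist.get(roomId)) return devices.map((d) => d.id);
    return devices.filter((d) => d.verified).map((d) => d.id);
  }
}

// Constructed sample data.
const ROOM = "!room:example.org";
const DEVICES = [
  { id: "ALICEPHONE", verified: true },
  { id: "BOBLAPTOP", verified: false },
];

function scenario(live) {
  const store = new SettingsStore();
  const session = new CryptoSession(store, [ROOM], { live });
  store.set(ROOM, true);                       // user enables the per-room option
  const sameSession = session.keyRecipients(ROOM, DEVICES);
  const reloaded = new CryptoSession(store, [ROOM], { live }); // page refresh
  return { sameSession, afterReload: reloaded.keyRecipients(ROOM, DEVICES) };
}

console.log("stale read:", scenario(false));
console.log("live watch:", scenario(true));
```

A regression check for this class of bug toggles the setting and asserts on the recipient list in the same session, without constructing a new one.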

@r4dh4l
Author

r4dh4l commented Mar 23, 2019

thx for your reply @turt2live.

I have to correct my issue description a little bit although the given issue description is not wrong: Messages sent via "send anyway" are shown as "Unable to decrypt: The sender's device has not sent us the keys for this message.".
After I verified the fingerprint of the recipient's device the message was readable for the recipient. So the bug seems unfortunately not to be a security problem but anyway very irritating (a message in such a room shouldn't be delivered at all).

su-ex added a commit to SchildiChat/element-web that referenced this issue Sep 15, 2022
* Device manager - hide unverified security recommendation when only current session is unverified (matrix-org/matrix-react-sdk#9228). Contributed by @kerryarchibald.
* Device manager - scroll to filtered list from security recommendations (matrix-org/matrix-react-sdk#9227). Contributed by @kerryarchibald.
* Device manager - updated dropdown style in filtered device list (matrix-org/matrix-react-sdk#9226). Contributed by @kerryarchibald.
* Device manager - device type and verification icons on device tile (matrix-org/matrix-react-sdk#9197). Contributed by @kerryarchibald.
* Description of DM room with more than two other people is now being displayed correctly (matrix-org/matrix-react-sdk#9231). Fixes element-hq#23094.
* Fix voice messages with multiple composers (matrix-org/matrix-react-sdk#9208). Fixes element-hq#23023. Contributed by @grimhilt.
* Fix suggested rooms going missing (matrix-org/matrix-react-sdk#9236). Fixes element-hq#23190.
* Fix tooltip infinitely recursing (matrix-org/matrix-react-sdk#9235). Fixes matrix-org/element-web-rageshakes#15107, matrix-org/element-web-rageshakes#15093 matrix-org/element-web-rageshakes#15092 and matrix-org/element-web-rageshakes#15077.
* Fix plain text export saving (matrix-org/matrix-react-sdk#9230). Contributed by @jryans.
* Add missing space in SecurityRoomSettingsTab (matrix-org/matrix-react-sdk#9222). Contributed by @gefgu.
* Make use of js-sdk roomNameGenerator to handle i18n for generated room names (matrix-org/matrix-react-sdk#9209). Fixes element-hq#21369.
* Fix progress bar regression throughout the app (matrix-org/matrix-react-sdk#9219). Fixes element-hq#23121.
* Reuse empty string & space string logic for event types in devtools (matrix-org/matrix-react-sdk#9218). Fixes element-hq#23115.