element-web icon indicating copy to clipboard operation
element-web copied to clipboard

Published 20 hours ago verified publisher icon element-hq

Forwarding media sends the encrypted media into unencrypted rooms

Open deepbluev7 opened this issue 1 year ago • 2 comments

Steps to reproduce

  1. Upload an image into an encrypted room
  2. Forward it into an unencrypted room

Outcome

What did you expect?

The image should be sent as if I sent it into the unencrypted room in the first place.

What happened instead?

It is sent as an encrypted attachment. This means several clients can't or will refuse to decrypt the image. It also breaks bots and if you are trying to get around broken E2EE or someone not having E2EE, this is not possible using forwards because of this.

Operating system

Any

Browser information

Any

URL for webapp

app.element.io

Application version

1.11.5

Homeserver

any

Will you send logs?

No

deepbluev7 avatar Sep 16 '22 16:09 deepbluev7

This was chosen deliberately to avoid having to download & re-upload the media, potentially consuming significant bandwidth

t3chguy avatar Sep 20 '22 08:09 t3chguy

You can still reuse the media when going unencrypted -> unencrypted, unencrypted -> encrypted and encrypted->encrypted. It however breaks other clients when going encrypted->unencrypted, especially if they don't support encryption yet. It is also very surprising for people why stuff like the TWIM bot doesn't work with forwarded images (since they usually don't even know about this limitation).

deepbluev7 avatar Sep 20 '22 12:09 deepbluev7