From c89ccb3e755163eceb6b48f4d5abe57365490cd1 Mon Sep 17 00:00:00 2001
From: Noah Markert
Date: Wed, 29 Apr 2026 16:21:35 +0200
Subject: [PATCH 1/2] limit link schemes in in messages in e-mail push notifications
---
 synapse/push/mailer.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/synapse/push/mailer.py b/synapse/push/mailer.py
index 1ebbc6d4f39..3316ed70a95 100644
--- a/synapse/push/mailer.py
+++ b/synapse/push/mailer.py
@@ -112,7 +112,7 @@
 "img": ["src"],
 }
 # When bleach release a version with this option, we can specify schemes
-# ALLOWED_SCHEMES = ["http", "https", "ftp", "mailto"]
+ALLOWED_SCHEMES = ["http", "https", "mailto"]
 class Mailer:
@@ -972,7 +972,7 @@ def safe_markup(raw_html: str) -> Markup:
 tags=ALLOWED_TAGS,
 attributes=ALLOWED_ATTRS,
 # bleach master has this, but it isn't released yet
- # protocols=ALLOWED_SCHEMES,
+ protocols=ALLOWED_SCHEMES,
 strip=True,
 )
 )
From 7909158bf4fe1e8a79b733b50118960d56bef2e5 Mon Sep 17 00:00:00 2001
From: Noah Markert
Date: Wed, 29 Apr 2026 16:37:57 +0200
Subject: [PATCH 2/2] added changelog.
---
 changelog.d/19741.misc | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/19741.misc
diff --git a/changelog.d/19741.misc b/changelog.d/19741.misc
new file mode 100644
index 00000000000..4910b3e40ca
--- /dev/null
+++ b/changelog.d/19741.misc
@@ -0,0 +1 @@
+Limit the allowed link schemes to `["http", "https", "mailto"]` from messages contained in e-mail push notifications. Contributed by Noah Markert.
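Review bot: The context comments directly above both changed lines in synapse/push/mailer.py — `# When bleach release a version with this option, we can specify schemes` in the first hunk and `# bleach master has this, but it isn't released yet` in the second — are now contradicted by the code they annotate, since `ALLOWED_SCHEMES` is defined and passed as `protocols=`; drop the second one and replace the first with something like `# URL schemes bleach keeps in href/src attributes; anything else (javascript:, data:, file:, ...) is stripped from the e-mail body`. As far as I recall bleach's own default for `protocols` is already http/https/mailto, so this may be pinning the existing behaviour explicitly rather than tightening it; if so, the changelog wording "Limit the allowed link schemes" overstates the effect and a short note in the comment would spare the next reader the same check. The enclosing `bleach.clean(...)` call in `safe_markup` starts before the second hunk, so I could not confirm which bleach version the pinned dependency guarantees has this argument.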