fix: Missing sigil

chore: Correct news frag file name
perf: Attempt to prevent people joining known busted rooms
2026-03-08 20:24:30 +00:00 · 2026-03-07 17:04:13 +00:00 · 2026-03-07 17:03:41 +00:00
4 changed files with 61 additions and 4 deletions
--- a/changelog.d/1503.feature
+++ b/changelog.d/1503.feature
@ -0,0 +1 @@
+Added a list of rooms that are forcefully banned for performance reasons, to prevent new users foot-gunning themselves by joining them. Contributed by @nex.
--- a/conduwuit-example.toml
+++ b/conduwuit-example.toml
@ -1519,6 +1519,23 @@
 #
 #forbidden_alias_names = []

+# Allow joining rooms that are known to be broken or have a history of
+# causing issues.
+#
+# The rooms that are banned in this way are hardcoded and set by the
+# maintainers, and cannot be configured. This method is a last-resort to
+# prevent people who are just setting up Matrix from joining these huge,
+# old rooms that have been recommended to them, only to watch their
+# server turn into a space heater and have horrific performance issues
+# that are unresolvable due to the completely broken state of the rooms.
+#
+# If you enable this option, you acknowledge that joining rooms banned by
+# this feature will likely cause you severe performance issues, and you
+# forgo your right to complain about any slowdowns or inflated resource
+# usage you encounter.
+#
+#allow_joining_broken_rooms = false
+
 # List of forbidden username patterns/strings.
 #
 # Regex can be used or explicit contains matches can be done by just
--- a/src/api/client/membership/mod.rs
+++ b/src/api/client/membership/mod.rs
@ -58,6 +58,19 @@ pub(crate) async fn joined_rooms_route(
 	})
 }

+const BROKEN_ROOM_IDS: [&str; 10] = [
+	"!iMZEhwCvbfeAYUxAjZ:t2l.io", // Matrix community space - insanely broken state
+	"!OGEhHVWSdvArJzumhm:matrix.org", // Old Matrix HQ - huge room, very broken
+	"!IemiTbwVankHTFiEoh:matrix.org", // Old Element Web - huge room, very broken
+	"!brXHJeAtqliwNGqHQx:lossy.network", // NixOS space - frequent bug reports, huge state
+	"!04iUOXvKl6GxOztTbP230xhKR-hu4kPzrzfjiv9dc_8", // GrapheneOS space - frequent bug reports
+	"!MBrxZRUoApYYjmyion:t2bot.io", // Old t2bot room - insane auth chain depths
+	"!izahlpcyIDeymNjiOd:matrix.debian.social", // #debian-next:matrix.debian.social
+	"!vMLhvOKUhgmYGpkwjX:matrix.debian.social", // debian main room
+	"!mefQhZzgTaxNCNzAeK:kde.org", // KDE user help
+	"!OTxETzuhBDbnPqBqbP:kde.org", // KDE space
+];
+
 /// Checks if the room is banned in any way possible and the sender user is not
 /// an admin.
 ///
@ -71,11 +84,15 @@ pub(crate) async fn banned_room_check(
 	server_name: Option<&ServerName>,
 	client_ip: IpAddr,
 ) -> Result {
-	if services.users.is_admin(user_id).await {
-		return Ok(());
-	}
-
 	if let Some(room_id) = room_id {
+		if !services.config.allow_joining_broken_rooms
+			&& BROKEN_ROOM_IDS.contains(&room_id.as_str())
+		{
+			return Err!(Request(Forbidden("This room is too complex.")));
+		}
+		if services.users.is_admin(user_id).await {
+			return Ok(());
+		}
 		let room_banned = services.rooms.metadata.is_banned(room_id).await;
 		let server_banned = room_id.server_name().is_some_and(|server_name| {
 			services.moderation.is_remote_server_forbidden(server_name)
@ -116,6 +133,9 @@ pub(crate) async fn banned_room_check(
 			return Err!(Request(Forbidden("This room is banned on this homeserver.")));
 		}
 	} else if let Some(server_name) = server_name {
+		if services.users.is_admin(user_id).await {
+			return Ok(());
+		}
 		if services
 			.config
 			.forbidden_remote_server_names
--- a/src/core/config/mod.rs
+++ b/src/core/config/mod.rs
@ -1751,6 +1751,25 @@ pub struct Config {
 	#[serde(default, with = "serde_regex")]
 	pub forbidden_alias_names: RegexSet,

+	/// Allow joining rooms that are known to be broken or have a history of
+	/// causing issues.
+	///
+	/// The rooms that are banned in this way are hardcoded and set by the
+	/// maintainers, and cannot be configured. This method is a last-resort to
+	/// prevent people who are just setting up Matrix from joining these huge,
+	/// old rooms that have been recommended to them, only to watch their
+	/// server turn into a space heater and have horrific performance issues
+	/// that are unresolvable due to the completely broken state of the rooms.
+	///
+	/// If you enable this option, you acknowledge that joining rooms banned by
+	/// this feature will likely cause you severe performance issues, and you
+	/// forgo your right to complain about any slowdowns or inflated resource
+	/// usage you encounter.
+	///
+	/// default: false
+	#[serde(default)]
+	pub allow_joining_broken_rooms: bool,
+
 	/// List of forbidden username patterns/strings.
 	///
 	/// Regex can be used or explicit contains matches can be done by just
Author	SHA1	Message	Date
timedout	4951d6c7b9	fix: Missing sigil	2026-03-08 20:24:30 +00:00
timedout	b42e6a67f0	chore: Correct news frag file name	2026-03-07 17:04:13 +00:00
timedout	511bb8bf55	perf: Attempt to prevent people joining known busted rooms	2026-03-07 17:03:41 +00:00
				`@ -0,0 +1 @@`
				`Added a list of rooms that are forcefully banned for performance reasons, to prevent new users foot-gunning themselves by joining them. Contributed by @nex.`