No auth check in UserController.feed_redirect/2, even on non-federating instances.
This commit is contained in:
parent
7efadc3cbd
commit
0d575735bf
|
@ -23,12 +23,7 @@ def feed_redirect(%{assigns: %{format: "html"}} = conn, %{"nickname" => nickname
|
||||||
|
|
||||||
def feed_redirect(%{assigns: %{format: format}} = conn, _params)
|
def feed_redirect(%{assigns: %{format: format}} = conn, _params)
|
||||||
when format in ["json", "activity+json"] do
|
when format in ["json", "activity+json"] do
|
||||||
with %{halted: false} = conn <-
|
ActivityPubController.call(conn, :user)
|
||||||
Pleroma.Plugs.EnsureAuthenticatedPlug.call(conn,
|
|
||||||
unless_func: &Pleroma.Web.FederatingPlug.federating?/1
|
|
||||||
) do
|
|
||||||
ActivityPubController.call(conn, :user)
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def feed_redirect(conn, %{"nickname" => nickname}) do
|
def feed_redirect(conn, %{"nickname" => nickname}) do
|
||||||
|
|
Loading…
Reference in New Issue