diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2018-04-17 13:51:01 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-04-17 13:51:01 +0200 |
commit | aab5581c436c306e08df2668c530aab1cf526f20 (patch) | |
tree | 742006b3838c970d20b332ab11a0f141bdad2696 | |
parent | bb58fc003b5d9ac521a89e7f37c0b7fc1d45a4c9 (diff) |
Set Referrer-Policy to origin in web UI and public pages of private toots (#7162)
Fix #7115
-rw-r--r-- | app/controllers/home_controller.rb | 5 | ||||
-rw-r--r-- | app/controllers/statuses_controller.rb | 6 |
2 files changed, 11 insertions, 0 deletions
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb index b1f8f1ad9..b71424107 100644 --- a/app/controllers/home_controller.rb +++ b/app/controllers/home_controller.rb @@ -2,6 +2,7 @@ class HomeController < ApplicationController before_action :authenticate_user! + before_action :set_referrer_policy_header before_action :set_initial_state_json def index @@ -62,4 +63,8 @@ class HomeController < ApplicationController about_path end end + + def set_referrer_policy_header + response.headers['Referrer-Policy'] = 'origin' + end end diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb index 41f098a43..a2943982a 100644 --- a/app/controllers/statuses_controller.rb +++ b/app/controllers/statuses_controller.rb @@ -13,6 +13,7 @@ class StatusesController < ApplicationController before_action :set_link_headers before_action :check_account_suspension before_action :redirect_to_original, only: [:show] + before_action :set_referrer_policy_header, only: [:show] before_action :set_cache_headers def show @@ -81,4 +82,9 @@ class StatusesController < ApplicationController def redirect_to_original redirect_to ::TagManager.instance.url_for(@status.reblog) if @status.reblog? end + + def set_referrer_policy_header + return if @status.public_visibility? || @status.unlisted_visibility? + response.headers['Referrer-Policy'] = 'origin' + end end |