diff options
author | ThibG <thib@sitedethib.com> | 2018-01-04 14:39:38 +0100 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2018-01-04 14:39:38 +0100 |
commit | 3bee0996c509f4b416096094061edbc9c10f5632 (patch) | |
tree | a9701cc8b84dfe0bf360450733d53d8c81ee5010 | |
parent | 89daeb43a88321d6568eeb6ffac68bdc810e41b5 (diff) |
Make sure private toots remain private and do not end up in HTTP caches (#6175)
-rw-r--r-- | app/controllers/application_controller.rb | 3 | ||||
-rw-r--r-- | app/controllers/statuses_controller.rb | 4 |
2 files changed, 4 insertions, 3 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index e17d1f26e..f59f2725b 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -124,6 +124,7 @@ class ApplicationController < ActionController::Base def render_cached_json(cache_key, **options) options[:expires_in] ||= 3.minutes + options[:public] ||= true cache_key = cache_key.join(':') if cache_key.is_a?(Enumerable) content_type = options.delete(:content_type) || 'application/json' @@ -131,7 +132,7 @@ class ApplicationController < ActionController::Base yield.to_json end - expires_in options[:expires_in], public: true + expires_in options[:expires_in], public: options[:public] render json: data, content_type: content_type end diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb index 1a440fd59..367ea34e7 100644 --- a/app/controllers/statuses_controller.rb +++ b/app/controllers/statuses_controller.rb @@ -24,7 +24,7 @@ class StatusesController < ApplicationController format.json do skip_session! unless @stream_entry.hidden? - render_cached_json(['activitypub', 'note', @status.cache_key], content_type: 'application/activity+json') do + render_cached_json(['activitypub', 'note', @status.cache_key], content_type: 'application/activity+json', public: !@stream_entry.hidden?) do ActiveModelSerializers::SerializableResource.new(@status, serializer: ActivityPub::NoteSerializer, adapter: ActivityPub::Adapter) end end @@ -34,7 +34,7 @@ class StatusesController < ApplicationController def activity skip_session! - render_cached_json(['activitypub', 'activity', @status.cache_key], content_type: 'application/activity+json') do + render_cached_json(['activitypub', 'activity', @status.cache_key], content_type: 'application/activity+json', public: !@stream_entry.hidden?) do ActiveModelSerializers::SerializableResource.new(@status, serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter) end end |