about summary refs log tree commit diff
diff options
context:
space:
mode:
authormultiple creatures <dev@multiple-creature.party>2019-08-17 03:24:58 -0500
committermultiple creatures <dev@multiple-creature.party>2019-08-18 15:10:34 -0500
commit87136f77d726a650c4f02feafe4283aa78eaf27a (patch)
tree4cf6c5205aaf57849eb301484ff4f0937e462cf2
parent92616f265c14c9f23c42f9ed31db822ce5e5a315 (diff)
privacy - require authentication on all timeline endpoints to make life difficult for fediverse archivers
-rw-r--r--app/controllers/api/v1/timelines/public_controller.rb1
-rw-r--r--streaming/index.js7
2 files changed, 1 insertions, 7 deletions
diff --git a/app/controllers/api/v1/timelines/public_controller.rb b/app/controllers/api/v1/timelines/public_controller.rb
index aabe24324..9c3f6c0a8 100644
--- a/app/controllers/api/v1/timelines/public_controller.rb
+++ b/app/controllers/api/v1/timelines/public_controller.rb
@@ -13,6 +13,7 @@ class Api::V1::Timelines::PublicController < Api::BaseController
   private
 
   def load_statuses
+    return [] unless user_signed_in?
     cached_public_statuses
   end
 
diff --git a/streaming/index.js b/streaming/index.js
index eccf5219f..ff375a894 100644
--- a/streaming/index.js
+++ b/streaming/index.js
@@ -250,10 +250,6 @@ const startWorker = (workerId) => {
   };
 
   const PUBLIC_STREAMS = [
-    'public',
-    'public:media',
-    'public:local',
-    'public:local:media',
     'hashtag',
     'hashtag:local',
   ];
@@ -273,10 +269,7 @@ const startWorker = (workerId) => {
   };
 
   const PUBLIC_ENDPOINTS = [
-    '/api/v1/streaming/public',
-    '/api/v1/streaming/public/local',
     '/api/v1/streaming/hashtag',
-    '/api/v1/streaming/hashtag/local',
   ];
 
   const authenticationMiddleware = (req, res, next) => {