diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2019-07-11 20:11:09 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-07-11 20:11:09 +0200 |
commit | 5bf67ca91350e40e6f329271d3ca2bdcba87ab64 (patch) | |
tree | e6a124c0c3913900a6d55c163b0ef308bfae64c7 /app/controllers/tags_controller.rb | |
parent | 4e1260feaa09bfa7305887e34cb129b37bee6c52 (diff) |
Add ActivityPub secure mode (#11269)
* Add HTTP signature requirement for served ActivityPub resources * Change `SECURE_MODE` to `AUTHORIZED_FETCH` * Add 'Signature' to 'Vary' header and improve code style * Improve code style by adding `public_fetch_mode?` method
Diffstat (limited to 'app/controllers/tags_controller.rb')
-rw-r--r-- | app/controllers/tags_controller.rb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/app/controllers/tags_controller.rb b/app/controllers/tags_controller.rb index 2ecce0ca2..d08e5a61a 100644 --- a/app/controllers/tags_controller.rb +++ b/app/controllers/tags_controller.rb @@ -1,10 +1,13 @@ # frozen_string_literal: true class TagsController < ApplicationController + include SignatureVerification + PAGE_SIZE = 20 layout 'public' + before_action :require_signature!, if: -> { request.format == :json && authorized_fetch_mode? } before_action :set_tag before_action :set_body_classes before_action :set_instance_presenter @@ -30,7 +33,7 @@ class TagsController < ApplicationController end format.json do - expires_in 3.minutes, public: true + expires_in 3.minutes, public: public_fetch_mode? @statuses = HashtagQueryService.new.call(@tag, params.slice(:any, :all, :none), current_account, params[:local]).paginate_by_max_id(PAGE_SIZE, params[:max_id]) @statuses = cache_collection(@statuses, Status) |