about summary refs log tree commit diff
path: root/app/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/remote_follow_controller.rb1
-rw-r--r--app/controllers/statuses_controller.rb5
2 files changed, 6 insertions, 0 deletions
diff --git a/app/controllers/remote_follow_controller.rb b/app/controllers/remote_follow_controller.rb
index 3b988e08d..cd61fd763 100644
--- a/app/controllers/remote_follow_controller.rb
+++ b/app/controllers/remote_follow_controller.rb
@@ -5,6 +5,7 @@ class RemoteFollowController < ApplicationController
 
   before_action :set_account
   before_action :gone, if: :suspended_account?
+  before_action :set_body_classes
 
   def new
     @remote_follow = RemoteFollow.new(session_params)
diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb
index 645995c2a..b85341822 100644
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@@ -46,7 +46,12 @@ class StatusesController < ApplicationController
   end
 
   def embed
+    raise ActiveRecord::RecordNotFound if @status.hidden?
+
+    skip_session!
+    expires_in 180, public: true
     response.headers['X-Frame-Options'] = 'ALLOWALL'
+
     render 'stream_entries/embed', layout: 'embedded'
   end