From 86d8fba8556804010745fe93ff57bc6e2657dafa Mon Sep 17 00:00:00 2001
From: ThibG <thib@sitedethib.com>
Date: Wed, 5 Jun 2019 13:40:20 +0200
Subject: Fix potential private status leak (#10969)

---
 app/controllers/statuses_controller.rb | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

(limited to 'app/controllers/statuses_controller.rb')

diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb
index d2b32bb81..e56f1a9d5 100644
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@@ -30,9 +30,7 @@ class StatusesController < ApplicationController
   def show
     respond_to do |format|
       format.html do
-        use_pack 'public'
-
-        unless user_signed_in?
+        if current_account.nil?
           skip_session!
           expires_in 10.seconds, public: true
         end
@@ -64,7 +62,6 @@ class StatusesController < ApplicationController
   end
 
   def embed
-    use_pack 'embed'
     raise ActiveRecord::RecordNotFound if @status.hidden?
 
     skip_session!
-- 
cgit