From 163bc1a706e9a94687d28c885c1ff02089498b94 Mon Sep 17 00:00:00 2001
From: Fire Demon <firedemon@creature.cafe>
Date: Tue, 11 Aug 2020 12:46:50 -0500
Subject: [Privacy] Check permissions of boosts and dereference boosts before
 sending to public timelines

---
 app/services/fan_out_on_write_service.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/services')

diff --git a/app/services/fan_out_on_write_service.rb b/app/services/fan_out_on_write_service.rb
index 08963cf5e..6102ed1e5 100644
--- a/app/services/fan_out_on_write_service.rb
+++ b/app/services/fan_out_on_write_service.rb
@@ -9,7 +9,7 @@ class FanOutOnWriteService < BaseService
     deliver_to_self(status) if status.account.local?
     return if only_to_self || !status.published?
 
-    render_anonymous_payload(status)
+    render_anonymous_payload(status.proper)
 
     if status.direct_visibility?
       deliver_to_mentioned_followers(status)
-- 
cgit