Ensure embeds will not be served if unauthenticated users could not see it
This commit is contained in:
parent
c8904f15a2
commit
16d2bfef80
2 changed files with 7 additions and 1 deletions
|
@ -6,10 +6,16 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
|
|
||||||
## Unreleased
|
## Unreleased
|
||||||
|
|
||||||
|
## Added
|
||||||
|
|
||||||
- Added a new configuration option to the MediaProxy feature that allows the blocking of specific domains from using the media proxy or being explicitly allowed by the Content-Security-Policy.
|
- Added a new configuration option to the MediaProxy feature that allows the blocking of specific domains from using the media proxy or being explicitly allowed by the Content-Security-Policy.
|
||||||
- Please make sure instances you wanted to block media from are not in the MediaProxy `whitelist`, and instead use `blocklist`.
|
- Please make sure instances you wanted to block media from are not in the MediaProxy `whitelist`, and instead use `blocklist`.
|
||||||
- `OnlyMedia` Upload Filter to simplify restricting uploads to audio, image, and video types
|
- `OnlyMedia` Upload Filter to simplify restricting uploads to audio, image, and video types
|
||||||
|
|
||||||
|
## Fixed
|
||||||
|
|
||||||
|
- Deactivated users can no longer show up in the emoji reaction list
|
||||||
|
|
||||||
## 2023.05
|
## 2023.05
|
||||||
|
|
||||||
## Added
|
## Added
|
||||||
|
|
|
@ -16,7 +16,7 @@ defmodule Pleroma.Web.EmbedController do
|
||||||
def show(conn, %{"id" => id}) do
|
def show(conn, %{"id" => id}) do
|
||||||
with %Activity{local: true} = activity <-
|
with %Activity{local: true} = activity <-
|
||||||
Activity.get_by_id_with_object(id),
|
Activity.get_by_id_with_object(id),
|
||||||
true <- Visibility.is_public?(activity.object) do
|
true <- Visibility.visible_for_user?(activity.object, nil) do
|
||||||
{:ok, author} = User.get_or_fetch(activity.object.data["actor"])
|
{:ok, author} = User.get_or_fetch(activity.object.data["actor"])
|
||||||
|
|
||||||
conn
|
conn
|
||||||
|
|
Loading…
Reference in a new issue