logo

mastofe

My custom branche(s) on git.pleroma.social/pleroma/mastofe
commit: 32987004c95aebfc390b7cd9e93d9a386095c0a0
parent: 31ac5f0e00b003f060788d7a335f4ec33dd77d9a
Author: William Pitcock <nenolod@dereferenced.org>
Date:   Fri, 24 Nov 2017 18:36:08 -0600

status: preserve visibility attribute when reblogging (infoleak fix) (#5789)

this should fix *all* remaining visibility-related mastodon ostatus infoleaks.
thanks to @csaurus@gnusocial.de for pointing out the infoleak.

Diffstat:

Mapp/models/status.rb1+
1 file changed, 1 insertion(+), 0 deletions(-)

diff --git a/app/models/status.rb b/app/models/status.rb @@ -278,6 +278,7 @@ class Status < ApplicationRecord def set_visibility self.visibility = (account.locked? ? :private : :public) if visibility.nil? + self.visibility = reblog.visibility if reblog? self.sensitive = false if sensitive.nil? end