commit: 0d575735bfd280b878bdecc6d018d8cca23ad09f
parent 7efadc3cbd46369e960f31c33a2c555f718ca8c5
Author: Ivan Tashkinov <ivantashkinov@gmail.com>
Date: Thu, 1 Oct 2020 21:41:22 +0300
No auth check in UserController.feed_redirect/2, even on non-federating instances.
Diffstat:
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/lib/pleroma/web/feed/user_controller.ex b/lib/pleroma/web/feed/user_controller.ex
@@ -23,12 +23,7 @@ defmodule Pleroma.Web.Feed.UserController do
def feed_redirect(%{assigns: %{format: format}} = conn, _params)
when format in ["json", "activity+json"] do
- with %{halted: false} = conn <-
- Pleroma.Plugs.EnsureAuthenticatedPlug.call(conn,
- unless_func: &Pleroma.Web.FederatingPlug.federating?/1
- ) do
- ActivityPubController.call(conn, :user)
- end
+ ActivityPubController.call(conn, :user)
end
def feed_redirect(conn, %{"nickname" => nickname}) do
