Merge branch 'warning/mastofe-settings-blob' into 'develop' - pleroma - My custom branche(s) on git.pleroma.social/pleroma/pleroma

commit: 98f014d3be22bc74e22ed93677d4381e782f2a5a
parent 46f7e51b27757598b1e508104edbb6f89356d043
Author: Haelwenn <contact+git.pleroma.social@hacktivis.me>
Date:   Mon, 22 Jun 2020 21:59:21 +0000

Merge branch 'warning/mastofe-settings-blob' into 'develop'

Add warning against parsing/reusing MastoFE settings blob

See merge request pleroma/pleroma!2671
Diffstat:
M lib/pleroma/web/masto_fe_controller.ex 2 +-
M lib/pleroma/web/router.ex 1 +

2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/pleroma/web/masto_fe_controller.ex b/lib/pleroma/web/masto_fe_controller.ex
@@ -49,7 +49,7 @@ defmodule Pleroma.Web.MastoFEController do
     |> render("manifest.json")
   end
 
-  @doc "PUT /api/web/settings"
+  @doc "PUT /api/web/settings: Backend-obscure settings blob for MastoFE, don't parse/reuse elsewhere"
   def put_settings(%{assigns: %{user: user}} = conn, %{"data" => settings} = _params) do
     with {:ok, _} <- User.mastodon_settings_update(user, settings) do
       json(conn, %{})
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
@@ -467,6 +467,7 @@ defmodule Pleroma.Web.Router do
   scope "/api/web", Pleroma.Web do
     pipe_through(:authenticated_api)
 
+    # Backend-obscure settings blob for MastoFE, don't parse/reuse elsewhere
     put("/settings", MastoFEController, :put_settings)
   end

M	lib/pleroma/web/masto_fe_controller.ex	2	+-
M	lib/pleroma/web/router.ex	1	+