Make sure private toots remain private and do not end up in HTTP caches (#6175)
parent
89daeb43a8
commit
3bee0996c5
|
@ -124,6 +124,7 @@ class ApplicationController < ActionController::Base
|
||||||
|
|
||||||
def render_cached_json(cache_key, **options)
|
def render_cached_json(cache_key, **options)
|
||||||
options[:expires_in] ||= 3.minutes
|
options[:expires_in] ||= 3.minutes
|
||||||
|
options[:public] ||= true
|
||||||
cache_key = cache_key.join(':') if cache_key.is_a?(Enumerable)
|
cache_key = cache_key.join(':') if cache_key.is_a?(Enumerable)
|
||||||
content_type = options.delete(:content_type) || 'application/json'
|
content_type = options.delete(:content_type) || 'application/json'
|
||||||
|
|
||||||
|
@ -131,7 +132,7 @@ class ApplicationController < ActionController::Base
|
||||||
yield.to_json
|
yield.to_json
|
||||||
end
|
end
|
||||||
|
|
||||||
expires_in options[:expires_in], public: true
|
expires_in options[:expires_in], public: options[:public]
|
||||||
render json: data, content_type: content_type
|
render json: data, content_type: content_type
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -24,7 +24,7 @@ class StatusesController < ApplicationController
|
||||||
format.json do
|
format.json do
|
||||||
skip_session! unless @stream_entry.hidden?
|
skip_session! unless @stream_entry.hidden?
|
||||||
|
|
||||||
render_cached_json(['activitypub', 'note', @status.cache_key], content_type: 'application/activity+json') do
|
render_cached_json(['activitypub', 'note', @status.cache_key], content_type: 'application/activity+json', public: !@stream_entry.hidden?) do
|
||||||
ActiveModelSerializers::SerializableResource.new(@status, serializer: ActivityPub::NoteSerializer, adapter: ActivityPub::Adapter)
|
ActiveModelSerializers::SerializableResource.new(@status, serializer: ActivityPub::NoteSerializer, adapter: ActivityPub::Adapter)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -34,7 +34,7 @@ class StatusesController < ApplicationController
|
||||||
def activity
|
def activity
|
||||||
skip_session!
|
skip_session!
|
||||||
|
|
||||||
render_cached_json(['activitypub', 'activity', @status.cache_key], content_type: 'application/activity+json') do
|
render_cached_json(['activitypub', 'activity', @status.cache_key], content_type: 'application/activity+json', public: !@stream_entry.hidden?) do
|
||||||
ActiveModelSerializers::SerializableResource.new(@status, serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter)
|
ActiveModelSerializers::SerializableResource.new(@status, serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Reference in New Issue