From 3fb47ec5123adca510cb309920ea3d42208b2e6d Mon Sep 17 00:00:00 2001
From: Wesley Aptekar-Cassels <me@wesleyac.com>
Date: Thu, 13 Jul 2023 16:34:10 -0400
Subject: [PATCH] Redirect logged out users to canonical URLs for remote
 accounts

This is clearer for users (showing all posts, as one would expect),
while patching a potential vector for leaking information to search
engines/etc.

Related: #20744
---
 .../mastodon/features/account_timeline/index.jsx       | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/javascript/mastodon/features/account_timeline/index.jsx b/app/javascript/mastodon/features/account_timeline/index.jsx
index 0f18c043b81..8fd87172e93 100644
--- a/app/javascript/mastodon/features/account_timeline/index.jsx
+++ b/app/javascript/mastodon/features/account_timeline/index.jsx
@@ -69,6 +69,10 @@ RemoteHint.propTypes = {
 
 class AccountTimeline extends ImmutablePureComponent {
 
+  static contextTypes = {
+    identity: PropTypes.object,
+  };
+
   static propTypes = {
     params: PropTypes.shape({
       acct: PropTypes.string,
@@ -92,7 +96,11 @@ class AccountTimeline extends ImmutablePureComponent {
   };
 
   _load () {
-    const { accountId, withReplies, params: { tagged }, dispatch } = this.props;
+    const { accountId, withReplies, remote, remoteUrl, params: { tagged }, dispatch } = this.props;
+
+    if (remote && !this.context.identity.signedIn) {
+      window.location.replace(remoteUrl);
+    }
 
     dispatch(fetchAccount(accountId));