1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2024-08-20 21:08:15 -07:00

Redirect logged out users to canonical URLs for remote accounts

This is clearer for users (showing all posts, as one would expect),
while patching a potential vector for leaking information to search
engines/etc.

Related: #20744
This commit is contained in:
Wesley Aptekar-Cassels 2023-07-13 16:34:10 -04:00
parent 71db616fed
commit 3fb47ec512

View file

@ -69,6 +69,10 @@ RemoteHint.propTypes = {
class AccountTimeline extends ImmutablePureComponent { class AccountTimeline extends ImmutablePureComponent {
static contextTypes = {
identity: PropTypes.object,
};
static propTypes = { static propTypes = {
params: PropTypes.shape({ params: PropTypes.shape({
acct: PropTypes.string, acct: PropTypes.string,
@ -92,7 +96,11 @@ class AccountTimeline extends ImmutablePureComponent {
}; };
_load () { _load () {
const { accountId, withReplies, params: { tagged }, dispatch } = this.props; const { accountId, withReplies, remote, remoteUrl, params: { tagged }, dispatch } = this.props;
if (remote && !this.context.identity.signedIn) {
window.location.replace(remoteUrl);
}
dispatch(fetchAccount(accountId)); dispatch(fetchAccount(accountId));