mastodon/app/controllers
Eugen Rochko 48fee1a800
Fix poll API not requiring authentication on non-public polls (#10960)
* Fix poll API not requiring authentication on non-public polls

That API does not reveal the content of the status, i.e. the question
itself, nor who the author is, nor which status it belongs to, but it
does reveal the poll options and how many answers they got

Fix #10959

* Add test
2019-06-04 20:10:26 +02:00
..
activitypub Cache featured collections, as well as outbox, followers and following (#10467) 2019-04-04 01:30:44 +02:00
admin Record account suspend/silence time and keep track of domain blocks (#10660) 2019-05-14 19:05:02 +02:00
api Fix poll API not requiring authentication on non-public polls (#10960) 2019-06-04 20:10:26 +02:00
auth Check that an invite link is valid before bypassing approval mode (#10657) 2019-05-02 04:30:12 +02:00
concerns Move signature verification stoplight to the requests themselves (#10813) 2019-05-23 15:22:39 +02:00
oauth Fix authorized applications list page design (#9969) 2019-02-04 22:25:42 +01:00
settings Add responsive panels to the single-column layout (#10820) 2019-05-25 21:27:00 +02:00
well_known Add Keybase integration (#10297) 2019-03-18 21:00:55 +01:00
about_controller.rb Add "why do you want to join" field to invite requests (#10524) 2019-04-09 23:06:30 +09:00
account_follow_controller.rb
account_unfollow_controller.rb
accounts_controller.rb Reduce server load caused by anonymous viewing. (#9059) 2019-03-17 15:39:25 +01:00
application_controller.rb Reduce server load caused by anonymous viewing. (#9059) 2019-03-17 15:39:25 +01:00
authorize_interactions_controller.rb
custom_css_controller.rb
directories_controller.rb Change icons of features on admin dashboard to remove bias (#10366) 2019-03-26 01:24:19 +01:00
emojis_controller.rb
filters_controller.rb
follower_accounts_controller.rb Cache featured collections, as well as outbox, followers and following (#10467) 2019-04-04 01:30:44 +02:00
following_accounts_controller.rb Cache featured collections, as well as outbox, followers and following (#10467) 2019-04-04 01:30:44 +02:00
home_controller.rb Record account suspend/silence time and keep track of domain blocks (#10660) 2019-05-14 19:05:02 +02:00
intents_controller.rb
invites_controller.rb
manifests_controller.rb
media_controller.rb fix CSP / X-Frame-Options for media embeds (#9558) 2018-12-18 16:40:30 +01:00
media_proxy_controller.rb
public_timelines_controller.rb Redesign landing page (#10232) 2019-03-12 17:34:00 +01:00
relationships_controller.rb Add order options to relationship manager UI (#10404) 2019-03-28 02:16:01 +01:00
remote_follow_controller.rb
remote_interaction_controller.rb Change remote interaction dialog to use specific actions (#9743) 2019-01-07 15:36:26 +01:00
remote_unfollows_controller.rb
shares_controller.rb Fix admin validation being too strict about usernames (#10449) 2019-04-06 17:53:17 +02:00
statuses_controller.rb Add some caching for HTML versions of statuses pages (#10701) 2019-05-09 22:03:44 +02:00
stream_entries_controller.rb Add some caching for HTML versions of statuses pages (#10701) 2019-05-09 22:03:44 +02:00
tags_controller.rb Fix tagged param not being normalized before querying tags (#10249) 2019-03-13 13:02:13 +01:00