OStatus / Static FE access control fixes (!3053) · Merge requests · Pleroma / pleroma

Ivan Tashkinov requested to merge ostatus-controller-no-auth-check-on-non-federating-instances into develop Oct 01, 2020

Fixed the issue of direct links to statuses yielding 403 instead of 200 (with index file and meta when static FE is disabled / server-rendered status HTML when static FE is disabled) on non-federating instances.

Added missing access control restrictions (basing on :restrict_unauthenticated setting) to OStatusController, StaticFEController.

Misc. fixes (e.g. adjusted the list of actually supported request formats for each OStatus endpoint).

Edited Oct 11, 2020 by Ivan Tashkinov

OStatus / Static FE access control fixes

Merge request reports