Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Register
  • Sign in
  • pleroma pleroma
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 645
    • Issues 645
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 86
    • Merge requests 86
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • PleromaPleroma
  • pleromapleroma
  • Merge requests
  • !3053

OStatus / Static FE access control fixes

  • Review changes

  • Download
  • Email patches
  • Plain diff
Merged Ivan Tashkinov requested to merge ostatus-controller-no-auth-check-on-non-federating-instances into develop Oct 01, 2020
  • Overview 6
  • Commits 12
  • Pipelines 7
  • Changes 13

Fixed the issue of direct links to statuses yielding 403 instead of 200 (with index file and meta when static FE is disabled / server-rendered status HTML when static FE is disabled) on non-federating instances.

Added missing access control restrictions (basing on :restrict_unauthenticated setting) to OStatusController, StaticFEController.

Misc. fixes (e.g. adjusted the list of actually supported request formats for each OStatus endpoint).

Edited Oct 11, 2020 by Ivan Tashkinov
Assignee
Assign to
Reviewers
Request review from
Time tracking
Source branch: ostatus-controller-no-auth-check-on-non-federating-instances