mirror of
https://github.com/mastodon/mastodon.git
synced 2024-11-23 21:15:05 +01:00
Set Referrer-Policy to origin in web UI and public pages of private toots (#7162)
Fix #7115
This commit is contained in:
parent
bb58fc003b
commit
aab5581c43
@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
class HomeController < ApplicationController
|
class HomeController < ApplicationController
|
||||||
before_action :authenticate_user!
|
before_action :authenticate_user!
|
||||||
|
before_action :set_referrer_policy_header
|
||||||
before_action :set_initial_state_json
|
before_action :set_initial_state_json
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@ -62,4 +63,8 @@ class HomeController < ApplicationController
|
|||||||
about_path
|
about_path
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def set_referrer_policy_header
|
||||||
|
response.headers['Referrer-Policy'] = 'origin'
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
@ -13,6 +13,7 @@ class StatusesController < ApplicationController
|
|||||||
before_action :set_link_headers
|
before_action :set_link_headers
|
||||||
before_action :check_account_suspension
|
before_action :check_account_suspension
|
||||||
before_action :redirect_to_original, only: [:show]
|
before_action :redirect_to_original, only: [:show]
|
||||||
|
before_action :set_referrer_policy_header, only: [:show]
|
||||||
before_action :set_cache_headers
|
before_action :set_cache_headers
|
||||||
|
|
||||||
def show
|
def show
|
||||||
@ -81,4 +82,9 @@ class StatusesController < ApplicationController
|
|||||||
def redirect_to_original
|
def redirect_to_original
|
||||||
redirect_to ::TagManager.instance.url_for(@status.reblog) if @status.reblog?
|
redirect_to ::TagManager.instance.url_for(@status.reblog) if @status.reblog?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def set_referrer_policy_header
|
||||||
|
return if @status.public_visibility? || @status.unlisted_visibility?
|
||||||
|
response.headers['Referrer-Policy'] = 'origin'
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user