status: preserve visibility attribute when reblogging (infoleak fix) (#5789)
this should fix *all* remaining visibility-related mastodon ostatus infoleaks. thanks to @csaurus@gnusocial.de for pointing out the infoleak.
This commit is contained in:
parent
31ac5f0e00
commit
32987004c9
|
@ -278,6 +278,7 @@ class Status < ApplicationRecord
|
||||||
|
|
||||||
def set_visibility
|
def set_visibility
|
||||||
self.visibility = (account.locked? ? :private : :public) if visibility.nil?
|
self.visibility = (account.locked? ? :private : :public) if visibility.nil?
|
||||||
|
self.visibility = reblog.visibility if reblog?
|
||||||
self.sensitive = false if sensitive.nil?
|
self.sensitive = false if sensitive.nil?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue