From 7fa23ec697e9e2c5f0434b9682de7017133df8dc Mon Sep 17 00:00:00 2001 From: ThibG Date: Wed, 5 Jun 2019 13:40:20 +0200 Subject: [PATCH] Fix potential private status leak (#10969) --- app/controllers/statuses_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb index e60646ba338..b8f4e675ed8 100644 --- a/app/controllers/statuses_controller.rb +++ b/app/controllers/statuses_controller.rb @@ -27,7 +27,7 @@ class StatusesController < ApplicationController def show respond_to do |format| format.html do - unless user_signed_in? + if current_account.nil? skip_session! expires_in 10.seconds, public: true end