mastodon/app/controllers
Claire 34aeef3453
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
..
activitypub
admin
api
auth
concerns
disputes
filters
oauth
settings
well_known
about_controller.rb
accounts_controller.rb
application_controller.rb
authorize_interactions_controller.rb
backups_controller.rb
custom_css_controller.rb
emojis_controller.rb
filters_controller.rb
follower_accounts_controller.rb
following_accounts_controller.rb
health_controller.rb
home_controller.rb
instance_actors_controller.rb
intents_controller.rb
invites_controller.rb
manifests_controller.rb
media_controller.rb
media_proxy_controller.rb
privacy_controller.rb
relationships_controller.rb
shares_controller.rb
statuses_cleanup_controller.rb
statuses_controller.rb
tags_controller.rb