oss/conduit
oss/conduit
1
0
Fork 0
mirror of https://gitlab.com/famedly/conduit.git synced 2025-08-06 17:40:59 +00:00
Code Wiki Activity

fix(media): only fetch remote media when requested by authenticated endpoints

Browse source 
this was already done for thumbnails, but I forgot to do so for full-sized media
This commit is contained in:
Matthias Ahouansou 2025-07-07 11:56:02 +01:00
parent 03e7b1ad79
commit 7ddd32aeff
No known key found for this signature in database
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/api/client_server/media.rs
View file

@ -215,7 +215,7 @@ pub async fn get_content(
content_type,
content_disposition: Some(content_disposition),
})
} else if server_name != services().globals.server_name() && allow_remote {
} else if server_name != services().globals.server_name() && allow_remote && authenticated {
let remote_content_response = get_remote_content(server_name, media_id.clone()).await?;
Ok(get_content::v1::Response {
@ -297,7 +297,7 @@ async fn get_content_as_filename(
.with_filename(Some(filename.clone())),
),
})
} else if server_name != services().globals.server_name() && allow_remote {
} else if server_name != services().globals.server_name() && allow_remote && authenticated {
let remote_content_response = get_remote_content(server_name, media_id.clone()).await?;
Ok(get_content_as_filename::v1::Response {