devol/fediembedi-wordpress-widget-embed-fediverso
1
0
Fork 0
mirror of https://git.feneas.org/mediaformat/fediembedi synced 2025-03-06 18:37:39 +01:00
Code Issues Releases Wiki Activity

security fix: statuses with visibility marked unlisted, private, and direct could be displayed publicly

Browse Source
This commit is contained in:
Django Doucet 2020-03-11 00:42:29 -04:00
parent 98d4c111c2
commit 497c851ee3
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fediembedi-client.php
View File

@ -173,7 +173,7 @@ class FediClient
$account_id = self::$acct_id;
$response = $this->_get("/api/v1/accounts/{$account_id}", null, $headers);
$response = $this->_get("/api/v1/accounts/{$account_id}", null, null);
return $response;
}

2
fediembedi.php
View File

@ -174,7 +174,7 @@ class FediConfig
//getStatus from remote instance
$status = $client->getStatus($atts['only_media'], $atts['pinned'], $atts['exclude_replies'], null, null, null, $atts['limit'], $atts['exclude_reblogs']);
//if(WP_DEBUG_DISPLAY === true): echo '<details><summary>Mastodon</summary><pre>'; var_dump($client->getStatus($atts['only_media'], $atts['pinned'], $atts['exclude_replies'], null, null, null, $atts['limit'], $atts['exclude_reblogs'])); echo '</pre></details>'; endif;
//if(WP_DEBUG_DISPLAY === true): echo '<details><summary>Mastodon</summary><pre>'; var_dump($status); echo '</pre></details>'; endif;
$show_header = $atts['show_header'];
$account = $status[0]->account;
include(plugin_dir_path(__FILE__) . 'templates/mastodon.tpl.php' );