This repository has been archived on 2024-07-22. You can view files and clone it, but cannot push or open issues or pull requests.
mastodon/app/controllers/api/v1
Eugen Rochko 48fee1a800
Fix poll API not requiring authentication on non-public polls (#10960)
* Fix poll API not requiring authentication on non-public polls

That API does not reveal the content of the status, i.e. the question
itself, nor who the author is, nor which status it belongs to, but it
does reveal the poll options and how many answers they got

Fix #10959

* Add test
2019-06-04 20:10:26 +02:00
..
accounts Improve blocked view of profiles (#10491) 2019-04-07 04:59:13 +02:00
apps Add vapid_key to the application entity in the REST API (#10058) 2019-02-16 05:27:05 +01:00
instances Explicitly disable storage of REST API results (#10655) 2019-05-03 20:39:19 +02:00
lists
polls Add polls (#10111) 2019-03-03 22:18:23 +01:00
push Fix web push notifications for polls (#10864) 2019-05-28 00:26:08 +02:00
statuses Improve blocked view of profiles (#10491) 2019-04-07 04:59:13 +02:00
timelines Fix `tagged` param not being normalized before querying tags (#10249) 2019-03-13 13:02:13 +01:00
accounts_controller.rb Improve blocked view of profiles (#10491) 2019-04-07 04:59:13 +02:00
apps_controller.rb
blocks_controller.rb
conversations_controller.rb
custom_emojis_controller.rb Explicitly disable storage of REST API results (#10655) 2019-05-03 20:39:19 +02:00
domain_blocks_controller.rb
endorsements_controller.rb
favourites_controller.rb
filters_controller.rb
follow_requests_controller.rb
follows_controller.rb
instances_controller.rb Explicitly disable storage of REST API results (#10655) 2019-05-03 20:39:19 +02:00
lists_controller.rb
media_controller.rb
mutes_controller.rb
notifications_controller.rb Add `account_id` param to `GET /api/v1/notifications` (#10796) 2019-05-21 13:28:49 +02:00
polls_controller.rb Fix poll API not requiring authentication on non-public polls (#10960) 2019-06-04 20:10:26 +02:00
preferences_controller.rb Add a preferences API so apps can share basic behaviours (#10109) 2019-03-15 02:39:20 +01:00
reports_controller.rb
scheduled_statuses_controller.rb Add scheduled statuses (#9706) 2019-01-05 12:43:28 +01:00
search_controller.rb Add type, limit, offset, min_id, max_id, account_id to search API (#10091) 2019-02-26 15:21:36 +01:00
statuses_controller.rb Add toot source to delete result to ease Delete & Redraft (#10669) 2019-05-11 06:46:43 +02:00
streaming_controller.rb
suggestions_controller.rb