github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 03:21:12 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: User action route was returning too much data

Browse Source
This commit is contained in:
Robin Ward
2014-08-29 13:46:50 -04:00
parent 16c9f073b5
commit 926e45d030
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/user_actions_controller.rb
View File

@ -22,7 +22,7 @@ class UserActionsController < ApplicationController
def show
params.require(:id)
render json: UserAction.stream_item(params[:id], guardian)
render_serialized(UserAction.stream_item(params[:id], guardian), UserActionSerializer)
end
def private_messages