github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-28 13:51:18 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: Show only visible tags in metadata

Browse Source 
Currently, the topic metadata show both public and private
tags whereas only visible ones should be exposed.
This commit is contained in:
Loïc Guitaut
2023-02-22 16:01:32 +01:00
committed by Loïc Guitaut
parent 5dbdcb3f23
commit a9f2c6db64
7 changed files with 53 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/topics_controller.rb
View File

@ -1231,7 +1231,7 @@ class TopicsController < ApplicationController
respond_to do |format|
format.html do
@tags = SiteSetting.tagging_enabled ? @topic_view.topic.tags : []
@tags = SiteSetting.tagging_enabled ? @topic_view.topic.tags.visible(guardian) : []
@breadcrumbs = helpers.categories_breadcrumb(@topic_view.topic) || []
@description_meta =
@topic_view.topic.excerpt.present? ? @topic_view.topic.excerpt : @topic_view.summary