From 7734dc033bac7dbeec20dbadf958b11dab231cd9 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Tue, 16 Aug 2022 02:57:52 -0600 Subject: [PATCH] Add instance post/profile embed config setting --- app/Http/Controllers/ProfileController.php | 4 ++++ app/Http/Controllers/StatusController.php | 5 +++++ config/instance.php | 5 +++++ 3 files changed, 14 insertions(+) diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php index 179db033d..30957cf28 100644 --- a/app/Http/Controllers/ProfileController.php +++ b/app/Http/Controllers/ProfileController.php @@ -243,6 +243,10 @@ class ProfileController extends Controller { $res = view('profile.embed-removed'); + if(!config('instance.embed.profile')) { + return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']); + } + if(strlen($username) > 15 || strlen($username) < 2) { return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']); } diff --git a/app/Http/Controllers/StatusController.php b/app/Http/Controllers/StatusController.php index db57d7a7b..7bfac3aa6 100644 --- a/app/Http/Controllers/StatusController.php +++ b/app/Http/Controllers/StatusController.php @@ -106,6 +106,11 @@ class StatusController extends Controller public function showEmbed(Request $request, $username, int $id) { + if(!config('instance.embed.post')) { + $res = view('status.embed-removed'); + return response($res)->withHeaders(['X-Frame-Options' => 'ALLOWALL']); + } + $profile = Profile::whereNull(['domain','status']) ->whereIsPrivate(false) ->whereUsername($username) diff --git a/config/instance.php b/config/instance.php index d2bf9231a..3347e8f83 100644 --- a/config/instance.php +++ b/config/instance.php @@ -86,4 +86,9 @@ return [ 'enable_cc' => env('ENABLE_CONFIG_CACHE', false), 'has_legal_notice' => env('INSTANCE_LEGAL_NOTICE', false), + + 'embed' => [ + 'profile' => env('INSTANCE_PROFILE_EMBEDS', true), + 'post' => env('INSTANCE_POST_EMBEDS', true), + ], ];