fix loophole when MASTODON_ALLOW_ANY_SITE is off
This commit is contained in:
parent
b4e3dda09e
commit
cbe4555dfd
1 changed files with 2 additions and 0 deletions
|
@ -98,6 +98,8 @@ def login(request):
|
|||
return HttpResponseBadRequest()
|
||||
|
||||
def connect(request):
|
||||
if not settings.MASTODON_ALLOW_ANY_SITE:
|
||||
return redirect(reverse("users:login"))
|
||||
domain = request.GET.get('domain').strip().lower()
|
||||
app = MastodonApplication.objects.filter(domain_name=domain).first()
|
||||
if app is None:
|
||||
|
|
Loading…
Add table
Reference in a new issue