diff options
| author | erdgeist <erdgeist@erdgeist.org> | 2026-06-29 21:32:32 +0200 |
|---|---|---|
| committer | erdgeist <erdgeist@erdgeist.org> | 2026-06-30 19:21:09 +0200 |
| commit | 3bb2271850bab577f35291a174b1985aea2b2b55 (patch) | |
| tree | 986ebaad5824505d7e997002a0729956f1bb87a6 /app/controllers | |
| parent | 3e81d3fabc663aafb942b3cac0a4cbfb5853e58b (diff) | |
Remove recent_changes RSS feed. It leaks unpublished drafts and the basic auth was only symbolic
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/rss_controller.rb | 12 |
1 files changed, 0 insertions, 12 deletions
diff --git a/app/controllers/rss_controller.rb b/app/controllers/rss_controller.rb index 489a732..5e29698 100644 --- a/app/controllers/rss_controller.rb +++ b/app/controllers/rss_controller.rb | |||
| @@ -1,6 +1,5 @@ | |||
| 1 | class RssController < ApplicationController | 1 | class RssController < ApplicationController |
| 2 | 2 | ||
| 3 | before_action :authenticate, :only => :recent_changes | ||
| 4 | before_action :get_host | 3 | before_action :get_host |
| 5 | 4 | ||
| 6 | def updates | 5 | def updates |
| @@ -40,18 +39,7 @@ class RssController < ApplicationController | |||
| 40 | end | 39 | end |
| 41 | end | 40 | end |
| 42 | 41 | ||
| 43 | def recent_changes | ||
| 44 | @items = Page.where( | ||
| 45 | "updated_at < ? AND updated_at > ?", Time.now, Time.now - 14.days | ||
| 46 | ).limit(20).order("updated_at desc") | ||
| 47 | end | ||
| 48 | |||
| 49 | protected | 42 | protected |
| 50 | def authenticate | ||
| 51 | authenticate_or_request_with_http_basic do |username, password| | ||
| 52 | username == "recent" && password == "d@t3N+kLAu-23" | ||
| 53 | end | ||
| 54 | end | ||
| 55 | 43 | ||
| 56 | def get_host | 44 | def get_host |
| 57 | @host = request.protocol + request.host_with_port | 45 | @host = request.protocol + request.host_with_port |
