From 3bb2271850bab577f35291a174b1985aea2b2b55 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Mon, 29 Jun 2026 21:32:32 +0200 Subject: Remove recent_changes RSS feed. It leaks unpublished drafts and the basic auth was only symbolic --- app/controllers/rss_controller.rb | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'app/controllers') diff --git a/app/controllers/rss_controller.rb b/app/controllers/rss_controller.rb index 489a732..5e29698 100644 --- a/app/controllers/rss_controller.rb +++ b/app/controllers/rss_controller.rb @@ -1,6 +1,5 @@ class RssController < ApplicationController - before_action :authenticate, :only => :recent_changes before_action :get_host def updates @@ -40,18 +39,7 @@ class RssController < ApplicationController end end - def recent_changes - @items = Page.where( - "updated_at < ? AND updated_at > ?", Time.now, Time.now - 14.days - ).limit(20).order("updated_at desc") - end - protected - def authenticate - authenticate_or_request_with_http_basic do |username, password| - username == "recent" && password == "d@t3N+kLAu-23" - end - end def get_host @host = request.protocol + request.host_with_port -- cgit v1.3