aboutsummaryrefslogtreecommitdiffstats
path: root/include/security.php
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-10-16 22:31:38 -0700
committerzotlabs <mike@macgirvin.com>2017-10-16 22:31:38 -0700
commita791809a840f168cfe65ea9fd09a30b271f7731e (patch)
treeff245d033c6fd6f8b80f87ce67a37fd6813989f7 /include/security.php
parent71c3a0a197c1c82a20b7fef8fa587dfc111e1487 (diff)
downloadvolse-hubzilla-a791809a840f168cfe65ea9fd09a30b271f7731e.tar.gz
volse-hubzilla-a791809a840f168cfe65ea9fd09a30b271f7731e.tar.bz2
volse-hubzilla-a791809a840f168cfe65ea9fd09a30b271f7731e.zip
ensure guests hve a unique (non-existent) url so that network discovery on remote servers doesn't come up mis-attributing the token. Future work should probably provide an actual page at this location describing it as a guest account of 'xyz'.
Diffstat (limited to 'include/security.php')
-rw-r--r--include/security.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/include/security.php b/include/security.php
index 16c6f1680..d9078eb89 100644
--- a/include/security.php
+++ b/include/security.php
@@ -116,7 +116,7 @@ function atoken_xchan($atoken) {
'xchan_name' => $atoken['atoken_name'],
'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(),
'xchan_network' => 'unknown',
- 'xchan_url' => z_root(),
+ 'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'],
'xchan_hidden' => 1,
'xchan_photo_mimetype' => 'image/jpeg',
'xchan_photo_l' => get_default_profile_photo(300),