From a791809a840f168cfe65ea9fd09a30b271f7731e Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Mon, 16 Oct 2017 22:31:38 -0700
Subject: ensure guests hve a unique (non-existent) url so that network
 discovery on remote servers doesn't come up mis-attributing the token. Future
 work should probably provide an actual page at this location describing it as
 a guest account of 'xyz'.

---
 include/security.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/security.php b/include/security.php
index 16c6f1680..d9078eb89 100644
--- a/include/security.php
+++ b/include/security.php
@@ -116,7 +116,7 @@ function atoken_xchan($atoken) {
 			'xchan_name' => $atoken['atoken_name'],
 			'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(),
 			'xchan_network' => 'unknown',
-			'xchan_url' => z_root(),
+			'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'],
 			'xchan_hidden' => 1,
 			'xchan_photo_mimetype' => 'image/jpeg',
 			'xchan_photo_l' => get_default_profile_photo(300),
-- 
cgit v1.2.3