From a791809a840f168cfe65ea9fd09a30b271f7731e Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 16 Oct 2017 22:31:38 -0700 Subject: ensure guests hve a unique (non-existent) url so that network discovery on remote servers doesn't come up mis-attributing the token. Future work should probably provide an actual page at this location describing it as a guest account of 'xyz'. --- include/security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/security.php b/include/security.php index 16c6f1680..d9078eb89 100644 --- a/include/security.php +++ b/include/security.php @@ -116,7 +116,7 @@ function atoken_xchan($atoken) { 'xchan_name' => $atoken['atoken_name'], 'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(), 'xchan_network' => 'unknown', - 'xchan_url' => z_root(), + 'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'], 'xchan_hidden' => 1, 'xchan_photo_mimetype' => 'image/jpeg', 'xchan_photo_l' => get_default_profile_photo(300), -- cgit v1.2.3