also strip title from notification of private messages - it leaks potentially sensitive message info. Note: there is still information leakage of sender but this is difficult to avoid completely. "You've got an email from (we're sorry, we can't tell you...)"
This commit is contained in:
friendica
parent
34526e8253
commit
99c842ff39
@ -397,7 +397,7 @@ function notification($params) {
|
|||||||
if(! $private)
|
if(! $private)
|
||||||
break;
|
break;
|
||||||
case NOTIFY_MAIL:
|
case NOTIFY_MAIL:
|
||||||
$datarray['textversion'] = $datarray['htmlversion'] = '';
|
$datarray['textversion'] = $datarray['htmlversion'] = $datarray['title'] = '';
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
|
|||||||
Reference in New Issue
Block a user