Check scope, else a privacy leaks happens this way:
1) Bob and Alice follow each other and write private notices
(this->scope=2) to each other.
2) Bob uses tags in his private notice to alice (which she can
read from him).
3) Alice adds that notice (with tags) to her favorites
("faving") it.
4) The tags from Bob's private notice becomes visible in Alice's
profile.
This has the simple background that the scope is not being
re-checked. This has to be done here at this point because given
above scenario is a privacy leak as the tags may be *really*
private (nobody else shall see them) such as initmate words or
very political words.
Signed-off-by: Roland Haeder <roland@mxchange.org>
projects / quix0rs-gnu-social.git / commit