From 756c8b3ef4fd298ecba2c253f77202852460f4dc Mon Sep 17 00:00:00 2001
From: eternal-flame-AD
Date: Sun, 24 Nov 2024 06:24:21 -0600
Subject: [PATCH] =?UTF-8?q?Security:=20SSR=E3=83=97=E3=83=A9=E3=82=A4?= =?UTF-8?q?=E3=83=90=E3=82=B7=E3=83=BC=E6=96=B9=E9=9D=A2=E3=81=AE=E6=94=B9?= =?UTF-8?q?=E5=96=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: eternal-flame-AD
---
 .../backend/src/server/web/ClientServerService.ts | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/packages/backend/src/server/web/ClientServerService.ts b/packages/backend/src/server/web/ClientServerService.ts
index 7c7ec24e05..0f1fdca0d4 100644
--- a/packages/backend/src/server/web/ClientServerService.ts
+++ b/packages/backend/src/server/web/ClientServerService.ts
@@ -562,6 +562,7 @@ export class ClientServerService {
 usernameLower: username.toLowerCase(),
 host: host ?? IsNull(),
 isSuspended: false,
+ requireSigninToViewContents: false,
 });
 return user && await this.feedService.packFeed(user);
@@ -616,12 +617,21 @@ export class ClientServerService {
 // User
 fastify.get<{ Params: { user: string; sub?: string; } }>('/@:user/:sub?', async (request, reply) => {
 const { username, host } = Acct.parse(request.params.user);
+
+ if (host) {
+ return await renderBase(reply); // リモートユーザーのページはSSRしない (プライバシーの観点から)
+ }
+
 const user = await this.usersRepository.findOneBy({
 usernameLower: username.toLowerCase(),
 host: host ?? IsNull(),
 isSuspended: false,
 });
+ if (user?.requireSigninToViewContents) {
+ return await renderBase(reply);
+ }
+
 vary(reply.raw, 'Accept');
 if (user != null) {
@@ -663,6 +673,7 @@ export class ClientServerService {
 id: request.params.user,
 host: IsNull(),
 isSuspended: false,
+ requireSigninToViewContents: false,
 });
 if (user == null) {
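Review bot: In the `/@:user/:sub?` handler (second hunk), both new `return await renderBase(reply);` exits sit above the existing `vary(reply.raw, 'Accept');`, so the remote-user and sign-in-required responses are now sent without `Vary: Accept`, while every other response from this route still carries it. If this URL is also served under content negotiation, as the existing `vary` call suggests, a shared cache could hand the stored base page to a request with a different `Accept`; moving `vary(reply.raw, 'Accept');` to directly after the `Acct.parse(...)` line keeps the header on all paths. After the `if (host)` guard the lookup only runs for local users, so `host: host ?? IsNull(),` can become `host: IsNull(),`, as the third hunk's lookup already has it. The handler body continues past the end of the hunk, and whether `renderBase` sets its own cache headers is not visible here.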
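Review bot: In the third hunk (the `id: request.params.user` lookup), putting `requireSigninToViewContents: false,` into the query makes a sign-in-required user look the same as a missing one, so the request falls into the existing `if (user == null) {` branch, whereas the second hunk answers the same kind of user with `renderBase(reply)`. The null branch lies outside the hunk, so its response is not visible; if it is a not-found reply, a signed-in viewer opening this URL directly would get that reply instead of the client shell. Either mirror the second hunk (`if (user?.requireSigninToViewContents) return await renderBase(reply);` after the lookup) or add a comment such as `// sign-in-required users are deliberately treated as not found on this route`. The same filter in the first hunk looks appropriate as far as the hunk shows, since a null user there simply yields no feed from `return user && await this.feedService.packFeed(user);`.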