Yassine Doghri · Yassine Doghri · semantic-release-bot · cc19c246 · cc19c246 · cc19c246
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
+## [1.6.4](https://code.castopod.org/adaures/castopod/compare/v1.6.3...v1.6.4) (2023-09-17)
+
+### Bug Fixes
+
+- **fediverse:** do not cache remote action form + fix typo on post routes for
+  passing post uuid
+  ([4ecb42f](https://code.castopod.org/adaures/castopod/commit/4ecb42f7c82eb8d41d27c7b9705b3278ea04ab79))
+- **fediverse:** update post controller namespace in routes
+  ([3189f12](https://code.castopod.org/adaures/castopod/commit/3189f122067dc47d6de93c3185aca66d7df95e1a))
+
 ## [1.6.3](https://code.castopod.org/adaures/castopod/compare/v1.6.2...v1.6.3) (2023-09-14)

 ### Bug Fixes

--- a/app/Config/Cache.php
+++ b/app/Config/Cache.php
@@ -55,11 +55,11 @@ class Cache extends BaseConfig
     * Whether to take the URL query string into consideration when generating
     * output cache files. Valid options are:
     *
-     *    false      = Disabled
-     *    true       = Enabled, take all query parameters into account.
-     *                 Please be aware that this may result in numerous cache
-     *                 files generated for the same page over and over again.
-     *    array('q') = Enabled, but only take into account the specified list
+     *    false = Disabled
+     *    true  = Enabled, take all query parameters into account.
+     *            Please be aware that this may result in numerous cache
+     *            files generated for the same page over and over again.
+     *    ['q'] = Enabled, but only take into account the specified list
     *                 of query parameters.
     *
     * @var boolean|string[]
@@ -97,6 +97,7 @@ class Cache extends BaseConfig
     * A string of reserved characters that will not be allowed in keys or tags.
     * Strings that violate this restriction will cause handlers to throw.
     * Default: {}()/\@:
+     *
     * Note: The default set is required for PSR-6 compliance.
     */
    public string $reservedCharacters = '{}()/\@:';

--- a/app/Config/Constants.php
+++ b/app/Config/Constants.php
@@ -11,7 +11,7 @@ declare(strict_types=1);
 |
 | NOTE: this constant is updated upon release with Continuous Integration.
 */
-defined('CP_VERSION') || define('CP_VERSION', '1.6.3');
+defined('CP_VERSION') || define('CP_VERSION', '1.6.4');

 /*
 | --------------------------------------------------------------------

--- a/app/Config/Routes.php
+++ b/app/Config/Routes.php
@@ -6,7 +6,7 @@ use CodeIgniter\Router\RouteCollection;

 /**
 * @var RouteCollection $routes
-/**
+ *
 * --------------------------------------------------------------------
 * Placeholder definitions
 * --------------------------------------------------------------------
@@ -231,8 +231,8 @@ $routes->group('@(:podcastHandle)', static function ($routes): void {
                    'controller-method' => 'PostController::index/$2',
                ],
                'application/ld+json; profile="https://www.w3.org/ns/activitystreams' => [
-                    'namespace'         => 'Modules/Fediverse/Controllers',
-                    'controller-method' => 'PostController::index\$2',
+                    'namespace'         => 'Modules\Fediverse\Controllers',
+                    'controller-method' => 'PostController::index/$2',
                ],
            ],
            'filter' => 'allow-cors',

--- a/app/Controllers/EpisodeAudioController.php
+++ b/app/Controllers/EpisodeAudioController.php
@@ -133,7 +133,6 @@ class EpisodeAudioController extends Controller
        }

        $session = Services::session();
-        $session->start();

        $serviceName = '';
        if ($this->request->getGet('_from')) {

--- a/app/Controllers/EpisodeController.php
+++ b/app/Controllers/EpisodeController.php
@@ -176,7 +176,7 @@ class EpisodeController extends BaseController
        }

        $session = Services::session();
-        $session->start();
+
        if (service('superglobals')->server('HTTP_REFERER') !== null) {
            $session->set('embed_domain', parse_url(service('superglobals')->server('HTTP_REFERER'), PHP_URL_HOST));
        }

--- a/app/Controllers/PostController.php
+++ b/app/Controllers/PostController.php
@@ -249,28 +249,17 @@ class PostController extends FediversePostController
            $this->registerPodcastWebpageHit($this->podcast->id);
        }

-        $cacheName = implode(
-            '_',
-            array_filter(['page', "post#{$this->post->id}", "remote_{$action}", service('request') ->getLocale()]),
-        );
-
-        if (! ($cachedView = cache($cacheName))) {
-            $data = [
-                'metatags' => get_remote_actions_metatags($this->post, $action),
-                'podcast'  => $this->podcast,
-                'actor'    => $this->actor,
-                'post'     => $this->post,
-                'action'   => $action,
-            ];
-
-            helper('form');
+        $data = [
+            'metatags' => get_remote_actions_metatags($this->post, $action),
+            'podcast'  => $this->podcast,
+            'actor'    => $this->actor,
+            'post'     => $this->post,
+            'action'   => $action,
+        ];

-            return view('post/remote_action', $data, [
-                'cache'      => DECADE,
-                'cache_name' => $cacheName,
-            ]);
-        }
+        helper('form');

-        return (string) $cachedView;
+        // NO VIEW CACHING: form has a CSRF token which should change on each request
+        return view('post/remote_action', $data);
    }
 }
--- a/composer.json
+++ b/composer.json
 {
  "name": "adaures/castopod",
-  "version": "1.6.3",
+  "version": "1.6.4",
  "type": "project",
  "description": "Castopod is an open-source hosting platform made for podcasters who want engage and interact with their audience.",
  "homepage": "https://castopod.org",

--- a/modules/Analytics/AnalyticsTrait.php
+++ b/modules/Analytics/AnalyticsTrait.php
@@ -24,7 +24,6 @@ trait AnalyticsTrait
        set_user_session_entry_page();

        $session = Services::session();
-        $session->start();

        if (! $session->get('denyListIp')) {
            $db = db_connect();

--- a/modules/Analytics/Helpers/analytics_helper.php
+++ b/modules/Analytics/Helpers/analytics_helper.php
@@ -56,7 +56,6 @@ if (! function_exists('set_user_session_deny_list_ip')) {
    function set_user_session_deny_list_ip(): void
    {
        $session = Services::session();
-        $session->start();

        if (! $session->has('denyListIp')) {
            $session->set('denyListIp', IpDb::find(client_ip()) !== null);
@@ -71,7 +70,6 @@ if (! function_exists('set_user_session_location')) {
    function set_user_session_location(): void
    {
        $session = Services::session();
-        $session->start();

        $location = [
            'countryCode' => 'N/A',
@@ -112,7 +110,6 @@ if (! function_exists('set_user_session_player')) {
    function set_user_session_player(): void
    {
        $session = Services::session();
-        $session->start();

        if (! $session->has('player')) {
            $playerFound = null;
@@ -155,7 +152,6 @@ if (! function_exists('set_user_session_browser')) {
    function set_user_session_browser(): void
    {
        $session = Services::session();
-        $session->start();

        if (! $session->has('browser')) {
            $browserName = '- Other -';
@@ -182,7 +178,6 @@ if (! function_exists('set_user_session_referer')) {
    function set_user_session_referer(): void
    {
        $session = Services::session();
-        $session->start();

        $newreferer = isset($_SERVER['HTTP_REFERER'])
            ? $_SERVER['HTTP_REFERER']
@@ -205,7 +200,6 @@ if (! function_exists('set_user_session_entry_page')) {
    function set_user_session_entry_page(): void
    {
        $session = Services::session();
-        $session->start();

        $entryPage = $_SERVER['REQUEST_URI'];
        if (! $session->has('entryPage')) {
@@ -245,7 +239,6 @@ if (! function_exists('podcast_hit')) {
        ?int $subscriptionId,
    ): void {
        $session = Services::session();
-        $session->start();

        $clientIp = client_ip();


--- a/modules/Fediverse/Controllers/PostController.php
+++ b/modules/Fediverse/Controllers/PostController.php
@@ -50,6 +50,10 @@ class PostController extends Controller

    public function _remap(string $method, string ...$params): mixed
    {
+        if ($params === []) {
+            throw PageNotFoundException::forPageNotFound();
+        }
+
        if (! ($post = model('PostModel', false)->getPostById($params[0])) instanceof Post) {
            throw PageNotFoundException::forPageNotFound();
        }

--- a/package.json
+++ b/package.json
 {
  "name": "castopod",
-  "version": "1.6.3",
+  "version": "1.6.4",
  "description": "Castopod Host is an open-source hosting platform made for podcasters who want engage and interact with their audience.",
  "private": true,
  "license": "AGPL-3.0-or-later",