Currently `Topic#pm_topic_count` is a count of all personal messages tagged for a given tag. As a result, any user with access to PM tags can poll a sensitive tag to determine if a new personal message has been created using that tag even if the user does not have access to the personal message. We classify this as a minor leak in sensitive information. With this commit, `Topic#pm_topic_count` is hidden from users by default unless the `display_personal_messages_tag_counts` site setting is enabled. |
||
|---|---|---|
| .. | ||
| controllers | ||
| ember | ||
| lib | ||
| mixins | ||
| models | ||
| routes | ||
| services | ||
| utils | ||
| localization-test.js | ||