From 07b728c5e557c9aae91c51f3eaac5c32d479f2a2 Mon Sep 17 00:00:00 2001
From: Joshua Rosenfeld <jomaxro@discourse.org>
Date: Mon, 11 May 2020 01:05:42 -0400
Subject: [PATCH] FEATURE: add noindex header to badges, groups, and /my pages
 (#9736)

---
 app/controllers/badges_controller.rb    | 1 +
 app/controllers/groups_controller.rb    | 1 +
 app/controllers/users_controller.rb     | 2 +-
 spec/requests/badges_controller_spec.rb | 1 +
 spec/requests/groups_controller_spec.rb | 1 +
 spec/requests/users_controller_spec.rb  | 1 +
 6 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/controllers/badges_controller.rb b/app/controllers/badges_controller.rb
index f5c82ea3c1c..14ff402160d 100644
--- a/app/controllers/badges_controller.rb
+++ b/app/controllers/badges_controller.rb
@@ -2,6 +2,7 @@
 
 class BadgesController < ApplicationController
   skip_before_action :check_xhr, only: [:index, :show]
+  after_action :add_noindex_header
 
   def index
     raise Discourse::NotFound unless SiteSetting.enable_badges
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index c9a623d819c..60ba5167994 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -15,6 +15,7 @@ class GroupsController < ApplicationController
 
   skip_before_action :preload_json, :check_xhr, only: [:posts_feed, :mentions_feed]
   skip_before_action :check_xhr, only: [:show]
+  after_action :add_noindex_header
 
   TYPE_FILTERS = {
     my: Proc.new { |groups, user|
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 2c0ca628763..d7319dc2f5f 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -48,7 +48,7 @@ class UsersController < ApplicationController
                                                             :admin_login,
                                                             :confirm_admin]
 
-  after_action :add_noindex_header, only: [:show]
+  after_action :add_noindex_header, only: [:show, :my_redirect]
 
   def index
   end
diff --git a/spec/requests/badges_controller_spec.rb b/spec/requests/badges_controller_spec.rb
index f89bb7c8306..170977f31c8 100644
--- a/spec/requests/badges_controller_spec.rb
+++ b/spec/requests/badges_controller_spec.rb
@@ -17,6 +17,7 @@ describe BadgesController do
       expect(response.status).to eq(200)
       parsed = response.parsed_body
       expect(parsed["badges"].length).to eq(Badge.enabled.count)
+      expect(response.headers['X-Robots-Tag']).to eq('noindex')
     end
   end
 
diff --git a/spec/requests/groups_controller_spec.rb b/spec/requests/groups_controller_spec.rb
index bbbb3730673..8d58f3f5315 100644
--- a/spec/requests/groups_controller_spec.rb
+++ b/spec/requests/groups_controller_spec.rb
@@ -364,6 +364,7 @@ describe GroupsController do
 
       expect(body['group']['id']).to eq(group.id)
       expect(body['extras']["visible_group_names"]).to eq([group.name])
+      expect(response.headers['X-Robots-Tag']).to eq('noindex')
     end
 
     context 'as an admin' do
diff --git a/spec/requests/users_controller_spec.rb b/spec/requests/users_controller_spec.rb
index 53c936f8205..cfb1437c065 100644
--- a/spec/requests/users_controller_spec.rb
+++ b/spec/requests/users_controller_spec.rb
@@ -2433,6 +2433,7 @@ describe UsersController do
     it "redirects if the user is not logged in" do
       get "/my/wat.json"
       expect(response).to be_redirect
+      expect(response.headers['X-Robots-Tag']).to eq('noindex')
     end
 
     context "when the user is logged in" do