Authorized Fetch Circumvented by Alt-Right Developers (wedistribute.org)

submitted 9 months ago by deadsuperhero@lemmy.ml to c/fediverse@lemmy.ml

11 comments fedilink hide all child comments

Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.

you are viewing a single comment's thread
view the rest of the comments

[-] pelespirit@sh.itjust.works 2 points 9 months ago

Thank you for explaining it, I think you're right. Not sure why they wouldn't explain it to me, I can't read minds and that's an interesting conversation.

They’re not going to be compelled to fix it until it’s an active problem when there are a lot bigger problems sitting around that are easier to fix.

Which is even more reason for all the big instances to not federate, but it's their choice. All these smaller instance, weekend hobbyists are going to feel the pain. At least meta says they're going to integrate slowly. We'll see.

[-] linearchaos@lemmy.world 1 points 9 months ago

Don't worry, it'll sort itself out when it becomes truly painful.

this post was submitted on 26 Dec 2023

69 points (96.0% liked)

Fediverse

17625 readers

45 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

What is the fediverse?
- Short ver.
- Full ver.
Fediverse Platforms
How to run your own community

founded 4 years ago

MODERATORS

deadsuperhero@lemmy.ml

wakest@lemmy.ml