Conversation

Notices

1. Embed this notice
   nekobit (nekofag@rdrama.cc)'s status on Friday, 26-May-2023 12:19:59 JST nekobit

   • Alex Gleason
   @alex quick where does pleroma store uploads in the database i'm just trying to track down the user of the file
   • Embed this notice
     Alex Gleason (alex@gleasonator.com)'s status on Friday, 26-May-2023 12:19:58 JST Alex Gleason

     in reply to
     @nekofag It doesn't. You can search for objects which contain that attachment by doing a complicated jsonb query on the objects table, but... you won't find the post because they deleted it already. Best thing you can do is TRUNCATE TABLE oauth_tokens; and make sure you're hosting media on a subdomain. I'll write an upload filter soon to restrict media attachments to certain mime types.
   • Embed this notice
     nekobit (nekofag@rdrama.cc)'s status on Friday, 26-May-2023 12:23:45 JST nekobit

     in reply to

     • Alex Gleason
     @alex is there anyway i can avoid doing it with a subdomain, can i just write some apache junk
   • Embed this notice
     Alex Gleason (alex@gleasonator.com)'s status on Friday, 26-May-2023 12:23:45 JST Alex Gleason

     in reply to
     @nekofag Subdomain is the best practice because it totally avoids this issue. It might be possible to return a special CSP just for that path, but I wouldn't play around.
   • Embed this notice
     feld (feld@bikeshed.party)'s status on Friday, 26-May-2023 12:38:48 JST feld

     in reply to

     • Alex Gleason
     CSP rules only work on the domain level 😞