Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Conversation

Notices

Embed this notice
spiral@anime.website's status on Thursday, 03-Nov-2022 08:47:39 JST spiral

why the fuck is pleroma serving frontend html on a .well-known path

In conversation Thursday, 03-Nov-2022 08:47:39 JST from anime.website permalink
- Embed this notice
  Alex Gleason (alex@gleasonator.com)'s status on Thursday, 03-Nov-2022 08:47:37 JST Alex Gleason
  in reply to
  
  ServiceWorker
  
  In conversation Thursday, 03-Nov-2022 08:47:37 JST permalink
- Embed this notice
  Alex Gleason (alex@gleasonator.com)'s status on Thursday, 03-Nov-2022 08:56:09 JST Alex Gleason
  in reply to
  
  My bad it's actually pleroma doing it. This: https://git.pleroma.social/pleroma/pleroma/-/blob/develop/lib/pleroma/web/plugs/frontend_static.ex and then this: https://git.pleroma.social/pleroma/pleroma/-/blob/develop/lib/pleroma/web/router.ex#L883-893
  In conversation Thursday, 03-Nov-2022 08:56:09 JST permalink
  Attachments
  1. Domain not in remote thumbnail source whitelist: git.pleroma.social
    
    lib/pleroma/web/plugs/frontend_static.ex · develop · Pleroma / pleroma · GitLab
    
    Pleroma backend
  2. Domain not in remote thumbnail source whitelist: git.pleroma.social
    
    lib/pleroma/web/router.ex · develop · Pleroma / pleroma · GitLab
    
    Pleroma backend
- Embed this notice
  spiral@anime.website's status on Thursday, 03-Nov-2022 08:56:10 JST spiral
  in reply to
  - Alex Gleason
  @alex why would a service worker need such a response from a path that should otherwise 404, or why should a service worker be registered on a path that should 404?
  
  In conversation Thursday, 03-Nov-2022 08:56:10 JST permalink
- Embed this notice
  Alex Gleason (alex@gleasonator.com)'s status on Thursday, 03-Nov-2022 09:04:51 JST Alex Gleason
  in reply to
  
  Fetch doesn't happen. ?
  
  The originating server sends the private post to all servers with an eligible follower, then the receiving server checks the HTTP Signature to verify that it matches the public key it previously fetched for that actor.
  
  In conversation Thursday, 03-Nov-2022 09:04:51 JST permalink
- Embed this notice
  spiral@anime.website's status on Thursday, 03-Nov-2022 09:04:52 JST spiral
  in reply to
  - Alex Gleason
  @alex i was confused because i made a typo in an api request and got back html
  
  btw how does remote post fetching for private scope posts work?
  
  In conversation Thursday, 03-Nov-2022 09:04:52 JST permalink
- Embed this notice
  Alex Gleason (alex@gleasonator.com)'s status on Thursday, 03-Nov-2022 09:08:43 JST Alex Gleason
  in reply to
  - Alex Gleason
  This is part of why private Groups are hard. You can't really boost a private post. (You can, but it only affects servers who already have the post in their database.) Groups work by boosting posts.
  
  In conversation Thursday, 03-Nov-2022 09:08:43 JST permalink
- Embed this notice
  Alex Gleason (alex@gleasonator.com)'s status on Thursday, 03-Nov-2022 09:10:05 JST Alex Gleason
  in reply to
  
  No totally, you're right. Public posts get fetched. Private posts can't really be due to the nature of them being private posts, so you have to do it a different way.
  
  In conversation Thursday, 03-Nov-2022 09:10:05 JST permalink
- Embed this notice
  spiral@anime.website's status on Thursday, 03-Nov-2022 09:10:06 JST spiral
  in reply to
  - Alex Gleason
  @alex oh, interesting. i vaguely remember the inbox getting a URI to an object and then fetching it, but i'm probably thinking of something else
  
  i do know that posts are fetched in some circumstances (pinned posts show up from remote accounts an instance didn't know about), so do private posts just not work there?
  
  In conversation Thursday, 03-Nov-2022 09:10:06 JST permalink

Public

Conversation

Notices

Feeds