Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://ilja.space/objects/605e59a4-ecf0-4426-a31b-f5629017fc29">ilja (ilja@ilja.space)'s status on Friday, 13-Jan-2023 01:00:04 JST</a><a href="https://ilja.space/users/ilja" title="ilja@ilja.space"><img src="https://gnusocial.jp/avatar/1729-48-20220811180111.webp" width="48" height="48" alt="ilja" style="position: absolute; left: 0; top: 0;">ilja</a><div><ul><li></ul></div></section><article>It seems cloudflare will be offering vendor lock-in fedi software. It's quite trivial to detect if a server is running behind a cloudflare IP and it's quite easy to do something using MRF.<br><br>Would you want such an MRF, and what functionality would you want in such an MRF?<br><br>We can drop messages, we can rewrite messages, we can make sure end users don't do calls to them by (re)moving attachments, we can mark accounts from such instances in some way...<br><br>We can also expand to not just detect cloudflare, but also other IP ranges, whitelist domains...<br><br>I already have a very quick-and-simple one to drop messages coming from them here <a href="https://git.pleroma.social/ilja/mrf/-/blob/develop/reject_cloudflare_policy.ex">https://git.pleroma.social/ilja/mrf/-/blob/develop/reject_cloudflare_policy.ex</a> But I'm wondering if I should put more effort into making it more proper. (Or if someone wants to take the opportunity to get into *oma development, this could be a very good start if this is something that interests you :blobfoxwink: )<br><br><a href="https://brands.town/@MNNHNewsEnglish">@MNNHNewsEnglish</a><br><br>RE: <a href="https://brands.town/users/MNNHNewsEnglish/statuses/109676685578199025">https://brands.town/users/MNNHNewsEnglish/statuses/109676685578199025</a></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/1033478#notice-2290156">In conversation</a><time datetime="2023-01-13T01:00:04+09:00" title="Friday, 13-Jan-2023 01:00:04 JST">Friday, 13-Jan-2023 01:00:04 JST</time> <span>from <span><a href="https://ilja.space/objects/605e59a4-ecf0-4426-a31b-f5629017fc29" rel="external" title="Sent from ilja.space via ActivityPub">ilja.space</a></span></span><a href="https://ilja.space/objects/605e59a4-ecf0-4426-a31b-f5629017fc29">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: git.pleroma.social</div><h5><a href="https://git.pleroma.social/ilja/mrf/-/blob/develop/reject_cloudflare_policy.ex">reject_cloudflare_policy.ex · develop · Ilja / mrf · GitLab</a></h5><div></div></header><div>Pleroma GitLab</div><footer></footer></article></li><li><article><header><div>Domain not in remote thumbnail source whitelist: brandstown.files.fedi.monster</div><h5><a href="https://brands.town/@MNNHNewsEnglish/109676685578199025">MNNH News English :verified: (@MNNHNewsEnglish@brands.town)</a></h5><div> from <span>MNNH News English :verified:</span></div></header><div>BREAKING: US technology company Cloudflare hits back at accusations that its Fediverse software offering, called "Wildebeest", which can only run on the company's own cloud services, represents centralisation and vendor lock-in.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
ilja (ilja@ilja.space)'s status on Friday, 13-Jan-2023 01:00:04 JSTilja
- MNNH News English :verified:
It seems cloudflare will be offering vendor lock-in fedi software. It's quite trivial to detect if a server is running behind a cloudflare IP and it's quite easy to do something using MRF.

Would you want such an MRF, and what functionality would you want in such an MRF?

We can drop messages, we can rewrite messages, we can make sure end users don't do calls to them by (re)moving attachments, we can mark accounts from such instances in some way...

We can also expand to not just detect cloudflare, but also other IP ranges, whitelist domains...

I already have a very quick-and-simple one to drop messages coming from them here https://git.pleroma.social/ilja/mrf/-/blob/develop/reject_cloudflare_policy.ex But I'm wondering if I should put more effort into making it more proper. (Or if someone wants to take the opportunity to get into *oma development, this could be a very good start if this is something that interests you :blobfoxwink: )

@MNNHNewsEnglish

RE: https://brands.town/users/MNNHNewsEnglish/statuses/109676685578199025
In conversationFriday, 13-Jan-2023 01:00:04 JST from ilja.spacepermalink
Attachments
1. Domain not in remote thumbnail source whitelist: git.pleroma.social
  reject_cloudflare_policy.ex · develop · Ilja / mrf · GitLab
  Pleroma GitLab
2. Domain not in remote thumbnail source whitelist: brandstown.files.fedi.monster
  MNNH News English :verified: (@MNNHNewsEnglish@brands.town)
  from MNNH News English :verified:
  BREAKING: US technology company Cloudflare hits back at accusations that its Fediverse software offering, called "Wildebeest", which can only run on the company's own cloud services, represents centralisation and vendor lock-in.

Public

Embed Notice

HTML Code

Corresponding Notice