Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mitra.social/objects/0194ec79-4cc1-621e-d203-cd100f7e1190">silverpill (silverpill@mitra.social)'s status on Monday, 10-Feb-2025 05:49:50 JST</a><a href="https://mitra.social/users/silverpill" title="silverpill@mitra.social"><img src="https://gnusocial.jp/avatar/85321-48-20230105202807.webp" width="48" height="48" alt="silverpill" style="position: absolute; left: 0; top: 0;">silverpill</a><div><a href="https://metalhead.club/@mariusor/113972813541024530" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://metalhead.club/@mariusor">@mariusor</a> It is not invalid, just unusual.</p><p>I enabled detailed logging on my server and posted an activity via C2S API as you suggested.</p><p>It appears that POST requests are signed by https://federated.id/#main. My server tries to load the https://federated.id/ actor and rejects it because it doesn't have a preferredUsername property (not required by AP, but very common and my server needs it). My server also expects signing key to be owned by activity actor, but I can change that if needed (same origin is ok). Finally, https://federated.id/#main is an RSA key :)</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4474025#notice-8884516">In conversation</a><time datetime="2025-02-10T05:49:50+09:00" title="Monday, 10-Feb-2025 05:49:50 JST">about 14 days ago</time> <span>from <span><a href="https://mitra.social/objects/0194ec79-4cc1-621e-d203-cd100f7e1190" rel="external" title="Sent from mitra.social via ActivityPub">mitra.social</a></span></span><a href="https://mitra.social/objects/0194ec79-4cc1-621e-d203-cd100f7e1190">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/875054">Untitled attachment</a></label><br></li><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="http://suggested.It/">suggested.it</a></h5><div></div></header><div>This domain may be for sale!</div><footer></footer></article></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/4110300">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
silverpill (silverpill@mitra.social)'s status on Monday, 10-Feb-2025 05:49:50 JSTsilverpill
in reply to
- marius
@mariusor It is not invalid, just unusual.
I enabled detailed logging on my server and posted an activity via C2S API as you suggested.
It appears that POST requests are signed by https://federated.id/#main. My server tries to load the https://federated.id/ actor and rejects it because it doesn't have a preferredUsername property (not required by AP, but very common and my server needs it). My server also expects signing key to be owned by activity actor, but I can change that if needed (same origin is ok). Finally, https://federated.id/#main is an RSA key :)
In conversationabout 14 days ago from mitra.socialpermalink
Attachments
1. Untitled attachment
2. No result found on File_thumbnail lookup.
  suggested.it
  This domain may be for sale!
3. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice