Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
hachyderm.io is one of the many independent Mastodon servers you can use to participate in the fediverse.
Hachyderm is a safe space, LGBTQIA+ and BLM, primarily comprised of tech industry professionals world wide. Note that many non-user account types have restrictions - please see our About page.

Administered by:

Server stats:

9.7K
active users

hachyderm.io: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.5

Public
julian

I may regret creating this topic but here goes.

If you experience a bug or other unexpected behavior while using NodeBB and its related ActivityPub integration, please post it here so it can be tracked and resolved.

No formal process as of yet, and we're still at pre-alpha so expect many things to be broken or unavailable

#bugs#nodebbacti
Public
julian

@scott@authorship.studio said in Pre-Alpha ActivityPub-related bug reports:

I am not sure if there is a way to pull in ActivityPub.

No standard ways, at present, but of course, you can always do an S2S call for the individual objects themselves. The problem is, how do you get the whole thread (which as you mention above, Mastodon can't even support at present). Hell, how do you even get the authoritative source besides traversing up the entire reply chain?

I often feel like I am pushing against the "ActivityPub zeitgeist" of sorts, because I am plainly advocating for a thoughtfully designed pull-based mechanism for backfill purposes, but at least among those I've talked to, I'm not hearing any pushback.

I am not sure how to implement this in ActivityPub, but in the Zot protocol, Hubzilla actually fetches the entire thread from the authoritative source.

In NodeBB, each object references a context, which is an OrderedCollection of other objects. That context is the authoritative source (or at least, as authoritative as NodeBB can determine).

I'm planning a survey on context usage, to see whether other implementors use it at all, and how.

NodeBB Community · Pre-Alpha ActivityPub-related bug reports@julian Mastodon and other platforms don't understand the concept of threaded conversations, which is why they haven't implemented something like that.I am n...
Emelia 👸🏻

@julian I'm maybe not seeing the right post, but on the "duplicate content" issue, if you've an unauthenticated user viewing a federated post or account, the best practice is to provide an intersitual saying “This post wasn't made it, click to view the original post”

This is what it looks like in 4.3 for mastodon: github.com/mastodon/mastodon/p

GitHubAdd confirmation when redirecting logged-out requests to permalink by Gargron · Pull Request #27792 · mastodon/mastodonBy Gargron
May 16, 2024, 05:06 PM·Public·Ivory for Mac
0boosts·0favorites
Public
Emelia 👸🏻

@julian Why? because the unauthenticated user should not be able to view federated content, since this may make you susceptible to public cache poisoning attacks, where a third-party could make you publicly display CSAM content, and then it looks like you're displaying it first-party and hosting CSAM to your hosting company, who takes your server down immediately and/or reports to LEO.

We've already seen this attack used to take down fediverse servers.

Public
Scott M. Stolz
@Emelia 👸🏻 @julian

I don't think there really will be a duplicate content issue. Typically, copies of posts are delivered to people's private inbox, not reposted publicly on other websites. Unless someone is operating a relay or reposting other people's posts, all of the copies of the post that are sent over ActivityPub should be private.
Public
Emelia 👸🏻

@scott the instance timelines serve remote cached content as if it were first-party content

ExploreLive feeds
About