Require authorized fetch #8

Open
marrus-sh opened this issue Sep 12, 2021 · 0 comments
Labels
LV.1: Application Backend @ installing and running the application LV.4: S2S Networking @ Server‐to‐server support LV.4: Security Networking @ Security STATUS: breaking Resolving this will introduce breaking changes STATUS: discuss This issue should be discussed before further actions are taken STATUS: enhancement New feature or improvements to existing STATUS: need info Further information is requested STATUS: refactor Things should be said differently

Comments

@marrus-sh
Member

It is my understanding that authorized fetch mode enables a number of guarantees which are not otherwise possible, and which are useful to Mastodon development. Any Mastodon server which is not horrifically out‐of‐date should support authorized fetch, so there is no reason not to enforce it in all cases.

(Currently it is behind an environment variable, AUTHORIZED_FETCH=true.)

The main complication to implementing this (aside from understanding all of the areas of the code that the authorized fetch toggle affects) is that it introduces uncertainties when migrating an older Mastodon server which previously did not require it. We will need to investigate the potential edge cases and ramifications of such a migration, and provide appropriate measures to handle them.

@marrus-sh marrus-sh added STATUS: refactor Things should be said differently STATUS: enhancement New feature or improvements to existing STATUS: need info Further information is requested STATUS: breaking Resolving this will introduce breaking changes LV.1: Application Backend @ installing and running the application labels Sep 12, 2021
@marrus-sh marrus-sh added STATUS: discuss This issue should be discussed before further actions are taken LV.4: S2S Networking @ Server‐to‐server support LV.4: Security Networking @ Security labels Sep 12, 2021