Mastodon may expose followers-only posts to public.
Technical Discussion
12
Posts
7
Posters
1
Views
-
Mastodon may expose followers-only posts to public. Is it a feature or a bug?
For example, this reply is addressed to the
followerscollection (to) and the mentioned user (cc):https://not-brain.d.on-t.work/notes/admrkcvj3hfn5crj
But Mastodon says the reply is "public". Anyone can view it:
https://neuromatch.social/@kopper@not-brain.d.on-t.work/115343438096255204
#Iceshrimp also doesn't require authorization, but you need to know the post ID to view it.
@kopper Did you know about this?
That is a little odd, and I'd think that is a violation of the implicit addressing conventions...
If
as:Publicis not addressed, it is not public. End of story...Edit: oh, I loaded up the AP resource.
tocontains public, so that's ok. -
Mastodon may expose followers-only posts to public. Is it a feature or a bug?
For example, this reply is addressed to the
followerscollection (to) and the mentioned user (cc):https://not-brain.d.on-t.work/notes/admrkcvj3hfn5crj
But Mastodon says the reply is "public". Anyone can view it:
https://neuromatch.social/@kopper@not-brain.d.on-t.work/115343438096255204
#Iceshrimp also doesn't require authorization, but you need to know the post ID to view it.
@kopper Did you know about this?
@silverpill up until a few minutes ago my instance was doing per-instance visibility -
@silverpill up until a few minutes ago my instance was doing per-instance visibility@silverpill (to be clear, this was a patch i had on my own instance and isn't iceshrimp functionality)
-
@julian The followers-only reply is also visible from NodeBB:
https://activitypub.space/post/https%3A%2F%2Fnot-brain.d.on-t.work%2Fnotes%2Fadmrkcvj3hfn5crj
-
@silverpill (to be clear, this was a patch i had on my own instance and isn't iceshrimp functionality)
@kopper What does it mean? You return different objects depending on who signed the request?
-
Mastodon may expose followers-only posts to public. Is it a feature or a bug?
For example, this reply is addressed to the
followerscollection (to) and the mentioned user (cc):https://not-brain.d.on-t.work/notes/admrkcvj3hfn5crj
But Mastodon says the reply is "public". Anyone can view it:
https://neuromatch.social/@kopper@not-brain.d.on-t.work/115343438096255204
#Iceshrimp also doesn't require authorization, but you need to know the post ID to view it.
@kopper Did you know about this?
@silverpill It breaks FO, so this is a feature. -
Mastodon may expose followers-only posts to public. Is it a feature or a bug?
For example, this reply is addressed to the
followerscollection (to) and the mentioned user (cc):https://not-brain.d.on-t.work/notes/admrkcvj3hfn5crj
But Mastodon says the reply is "public". Anyone can view it:
https://neuromatch.social/@kopper@not-brain.d.on-t.work/115343438096255204
#Iceshrimp also doesn't require authorization, but you need to know the post ID to view it.
@kopper Did you know about this?
"Mastodon may expose followers-only posts to public. Is it a feature or a bug?"
I hate to break this to you, but I'm seeing this on a v4.4.3 #Mastodon instance in my /home only because of the #Hashtag #Iceshrimp you've used, which I #Follow
Don't know if this is good news or bad news, or none of the above
cc @kopper
-
@julian Well, it's public now. But it wasn't when I posted :)
-
@julian Well, it's public now. But it wasn't when I posted :)
@silverpill One thing that has always been different in Mike's software is that only authorized people can see non-public things. It is of little use to have the right address for the image, video, or file (as instead happens and happened in Mastodon Diaspora and others - almost all of them). In the software created by him, you cannot see even if you have an address/id or whatever you like.
-
Mastodon may expose followers-only posts to public. Is it a feature or a bug?
For example, this reply is addressed to the
followerscollection (to) and the mentioned user (cc):https://not-brain.d.on-t.work/notes/admrkcvj3hfn5crj
But Mastodon says the reply is "public". Anyone can view it:
https://neuromatch.social/@kopper@not-brain.d.on-t.work/115343438096255204
#Iceshrimp also doesn't require authorization, but you need to know the post ID to view it.
@kopper Did you know about this?
@silverpill
For superior control of your content, suggest to use hubzilla -
@silverpill One thing that has always been different in Mike's software is that only authorized people can see non-public things. It is of little use to have the right address for the image, video, or file (as instead happens and happened in Mastodon Diaspora and others - almost all of them). In the software created by him, you cannot see even if you have an address/id or whatever you like.
@elvecio Further investigation showed that this wasn't a Mastodon's fault. There was some weirdness on behalf of the originating instance.
Mastodon server received a post addressed to public and I received a post addressed to followers.
-
System shared this topic
Gli ultimi otto messaggi ricevuti dalla Federazione
-
I'm looking into federating out deletion of contexts because in NodeBB the concept of a topic is a discrete entity, not tied to the posts contained within. Deleting the top-level post would not alter the topic in any way, except perhaps that the next oldest reply is suddenly promoted to top-level, which is odd.
Conversely, in ActivityPub, there either is no concept of a context (threaded objects only), or merely the suggestion of one as a view (current implementations of resolvable contexts). I'm hoping to move this more towards contexts as discrete entities with their own activities.
-
@julian love to see the reports of cross project colab!
-
@elvecio Further investigation showed that this wasn't a Mastodon's fault. There was some weirdness on behalf of the originating instance.
Mastodon server received a post addressed to public and I received a post addressed to followers.
-
@silverpill
For superior control of your content, suggest to use hubzilla
-
@silverpill One thing that has always been different in Mike's software is that only authorized people can see non-public things. It is of little use to have the right address for the image, video, or file (as instead happens and happened in Mastodon Diaspora and others - almost all of them). In the software created by him, you cannot see even if you have an address/id or whatever you like.
-
@julian Well, it's public now. But it wasn't when I posted :)
-
"Mastodon may expose followers-only posts to public. Is it a feature or a bug?"
I hate to break this to you, but I'm seeing this on a v4.4.3 #Mastodon instance in my /home only because of the #Hashtag #Iceshrimp you've used, which I #Follow
Don't know if this is good news or bad news, or none of the above
cc @kopper
-
@silverpill It breaks FO, so this is a feature.
