You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This can be reproduced with a curl -H 'Accept: application/activity+json' -v https://types.pl/@abnv/109360439631118847
Root cause
It seems that some mastodon and pleroma instances, depending on their configuration, require a signed request in order to access posts. This seems to be a way to lock down access in the case of blocked users or other ways of making content private. In this case the post is still public but a signed request is still required.
Possible solution
I would guess that the simplest solution would be for bridgy to generate it's own signature. A general account for everyone on the service might be sufficient or per-user accounts might be required. I wonder if there is any use case for users providing their own signature (the reply-to post was replying to a mastodon account I control) but that seems complicated.
Context
When replying to this post on mastodon, the webmention sending failed with a 502 error noting "401 Client Error: Unauthorized for url: https://types.pl/@abnv/109360439631118847 ; Request not signed".
This can be reproduced with a
curl -H 'Accept: application/activity+json' -v https://types.pl/@abnv/109360439631118847
Root cause
It seems that some mastodon and pleroma instances, depending on their configuration, require a signed request in order to access posts. This seems to be a way to lock down access in the case of blocked users or other ways of making content private. In this case the post is still public but a signed request is still required.
Possible solution
I would guess that the simplest solution would be for bridgy to generate it's own signature. A general account for everyone on the service might be sufficient or per-user accounts might be required. I wonder if there is any use case for users providing their own signature (the reply-to post was replying to a mastodon account I control) but that seems complicated.
Additional Info
Relevant mastodon issues
Thanks to sknebel and others who helped explain this in the IndieWeb chat
The text was updated successfully, but these errors were encountered: