Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add signature when replying to posts #291

Closed
aciccarello opened this issue Nov 17, 2022 · 1 comment
Closed

Add signature when replying to posts #291

aciccarello opened this issue Nov 17, 2022 · 1 comment

Comments

@aciccarello
Copy link

Context

When replying to this post on mastodon, the webmention sending failed with a 502 error noting "401 Client Error: Unauthorized for url: https://types.pl/@abnv/109360439631118847 ; Request not signed".

This can be reproduced with a curl -H 'Accept: application/activity+json' -v https://types.pl/@abnv/109360439631118847

Root cause

It seems that some mastodon and pleroma instances, depending on their configuration, require a signed request in order to access posts. This seems to be a way to lock down access in the case of blocked users or other ways of making content private. In this case the post is still public but a signed request is still required.

Possible solution

I would guess that the simplest solution would be for bridgy to generate it's own signature. A general account for everyone on the service might be sufficient or per-user accounts might be required. I wonder if there is any use case for users providing their own signature (the reply-to post was replying to a mastodon account I control) but that seems complicated.

Additional Info

Relevant mastodon issues

Thanks to sknebel and others who helped explain this in the IndieWeb chat

@snarfed
Copy link
Owner

snarfed commented Nov 24, 2022

Done! My reply on https://types.pl/@abnv/109360439631118847 was sent via Bridgy Fed with this fix.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants