Edit Config: Authorized Fetch

You do not have permission to edit this page, for the following reason:

The action you have requested is limited to users in the group: Users.

Description: Prevents unauthorized access to instance content

Env Variable:

Name of the variable in the .env file, if any

Default:

Value:

Affects:

Other features, config, etc. that changing this config variable affects

Related To:

Other topics that this config value might be related to

Docs:

URL(s) to any related documentation for this config variable

Add another

Free text:

Up To: [[Part Of::Features]], [[Part Of::Config]] Defederation, by default, doesn't completely prevent blocked accounts or instances from accessing our instance's content. Authorized fetch is an additional step to prevent scraping or other automated collection of instance data. == Effects == === Access === * The primary effect is to require the underlying JSON-LD, ActivityPub representation of server content be requested by a valid ActivityPub Actor (that isn't blocked or suspended). Typically this data doesn't require authentication, so even if an instance is blocked/defederated, they can still access instance data with an unauthenticated, anonymous request. * Statuses and accounts are '''still visible''' via manual HTTP/HTML access through the website to people who are logged out, only the JSON-LD representation is affected. === Caching === * A secondary effect is that ours and other instances can't cache our data as effectively, which requires modestly more networking/compute resources. == Implementation == * Many actions invoke <code>require_account_signature</code> ([https://github.com/NeuromatchAcademy/mastodon/blob/cf9b7e9c62ca94a1f766d76480d4f40a285094a6/app/controllers/concerns/signature_verification.rb#L48 source]), which checks that the request comes from an account, accompanied by a valid signature ** Fetching account details like followers/following ** Fetching statuses ** Fetching hashtags ** Fetching replies * Causes many items not to be cached (re-served on demand) * Turns off <code>public_fetch_mode</code> in the ApplicationController ([https://github.com/NeuromatchAcademy/mastodon/blob/cf9b7e9c62ca94a1f766d76480d4f40a285094a6/app/controllers/application_controller.rb#L57 source]) ** Causes the "public" setting to be turned into <code>private</code> in HTTP cache-control flags, see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control == Docs == https://docs.joinmastodon.org/admin/config/#authorized_fetch <blockquote> Also called “secure mode”. When set to true, the following changes occur: * Mastodon will stop generating linked-data signatures for public posts, which prevents them from being re-distributed efficiently but without precise control. Since a linked-data object with a signature is entirely self-contained, it can be passed around without making extra requests to the server where it originates. * Mastodon will require HTTP signature authentication on ActivityPub representations of public posts and profiles, which are normally available without any authentication. Profiles will only return barebones technical information when no authentication is supplied. As a result, through the authentication mechanism and avoiding re-distribution mechanisms that do not have your server in the loop, it becomes possible to enforce who can and cannot retrieve even public content from your server, e.g. servers whose domains you have blocked. </blockquote> == References == * https://hub.sunny.garden/2023/06/28/what-does-authorized_fetch-actually-do/ [[Category:Mastodon]] [[Category:Feature]] [[Category:Config]]

Summary:

Cancel