Mastodon 🐘

1 post1 participant0 posts today

julianPleroma Webfinger compatibility Does anybody know what exactly Pleroma needs for a valid Webfinger check? I'm attempting to figure out why <code>@jmtd@pleroma.debian.social</code> won't resolve in NodeBB, and it's because the webfinger call returns <code>400 Bad Request</code>. NodeBB is calling <code>https://pleroma.debian.social/.well-known/webfinger?resource=acct%3Ajmtd%40pleroma.debian.social</code> with <code>User-Agent</code> and <code>Content-Type</code> headers (curiously, it's not sending <code>Accept</code>, but it also fails if that header is set, so that's irrelevant.) Navigating to that webfinger url in the browser returns XML, which is :grimacing: but I'm not even getting that when NodeBB makes the call. <a href="https://community.nodebb.org/post/104461" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://community.nodebb.org/post/104461</a>

Fedify: an ActivityPub server frameworkFetching remote <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/ActivityPub" target="_blank">#ActivityPub</a> objects or actors often involves handling <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/WebFinger" target="_blank">#WebFinger</a> lookups, content negotiation, and then parsing potentially untyped JSON.With <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/Fedify" target="_blank">#Fedify</a>, it's much simpler: use <a href="https://fedify.dev/manual/context#looking-up-remote-objects" rel="nofollow noopener noreferrer" target="_blank"><code>Context.lookupObject()</code></a>. Pass it a URI (e.g., <code>https://instance.tld/users/alice</code>) or a handle (e.g., <code>@alice@instance.tld</code>), and Fedify handles the lookup and content negotiation automatically.The real power comes from the return value: a <a href="https://fedify.dev/manual/vocab" rel="nofollow noopener noreferrer" target="_blank">type-safe Activity Vocabulary object</a>, not just raw JSON. This allows you to confidently access properties and methods directly. For example, you can safely traverse account moves using <code>.getSuccessor()</code> like this:<pre><code>let actor = await ctx.lookupObject("@alice@instance.tld"); while (isActor(actor)) { const successor = await actor.getSuccessor(); if (successor == null) break; actor = successor; } // actor now holds the latest account after moves </code></pre>This is readily available in handlers where the <a href="https://fedify.dev/manual/context" rel="nofollow noopener noreferrer" target="_blank"><code>Context</code></a> object is provided (like <a href="https://fedify.dev/manual/actor" rel="nofollow noopener noreferrer" target="_blank">actor dispatchers</a> or <a href="https://fedify.dev/manual/inbox" rel="nofollow noopener noreferrer" target="_blank">inbox listeners</a>).Focus on your app's logic, not protocol boilerplate!Learn more: <a href="https://fedify.dev/manual/context#looking-up-remote-objects" rel="nofollow noopener noreferrer" target="_blank">https://fedify.dev/manual/context#looking-up-remote-objects</a><a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/fedidev" target="_blank">#fedidev</a>

EpiphytRunning the ActivityPub plugin for WordPress requires particular URLs to be working as expected. This is even more true for a multisite instance in a sub-directory. Learn how to configure your nginx to get it working.<a href="https://epiph.yt/en/blog/2025/activitypub-in-sub-directory-multisite-in-nginx/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://epiph.yt/en/blog/2025/activitypub-in-sub-directory-multisite-in-nginx/</a><a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://epiph.yt/en/blog/tag/activitypub/" target="_blank">#ActivityPub</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://epiph.yt/en/blog/tag/multisite/" target="_blank">#Multisite</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://epiph.yt/en/blog/tag/nginx/" target="_blank">#nginx</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://epiph.yt/en/blog/tag/webfinger/" target="_blank">#Webfinger</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://epiph.yt/en/blog/tag/wordpress/" target="_blank">#WordPress</a>

EpiphytDas ActivityPub-Plugin für WordPress erfordert, dass bestimmte URLs funktionieren. Das trifft insbesondere auf Multisite-Instanzen mit Unterverzeichnissen zu. Erfahre, wie du deinen nginx konfigurieren musst, damit es funktioniert.<a href="https://epiph.yt/blog/2025/activitypub-in-nginx-multisite-mit-unterverzeichnissen/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://epiph.yt/blog/2025/activitypub-in-nginx-multisite-mit-unterverzeichnissen/</a><a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://epiph.yt/blog/tag/activitypub/" target="_blank">#ActivityPub</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://epiph.yt/blog/tag/multisite/" target="_blank">#Multisite</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://epiph.yt/blog/tag/nginx/" target="_blank">#nginx</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://epiph.yt/blog/tag/webfinger/" target="_blank">#Webfinger</a> <a rel="nofollow noopener noreferrer" class="hashtag u-tag u-category" href="https://epiph.yt/blog/tag/wordpress/" target="_blank">#WordPress</a>

Simon GreenwoodI've set up a Snac instance and it all seems to work, but am I right in thinking that it doesn't support webfinger queries, or have I set something up wrong? <a href="https://gotosocial.grnwds.uk/tags/snac" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#snac</a> <a href="https://gotosocial.grnwds.uk/tags/webfinger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webfinger</a>

⁂ KalebFinally figured out how to set up a .well-known/webfinger for multiple accounts on a split instance/account¹ domain setup.This piece from <a href="https://fosstodon.org/@aohorodnyk" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@aohorodnyk</a> was critical to making it work, but I would love to make it dynamic rather than creating a rule each time I add a user. Unfortunately, I haven’t yet figured out how to achieve this with wildcard rules.<a href="https://aohorodnyk.com/post/2023-07-08-mastodon-alias-in-cloudflare/" rel="nofollow noopener noreferrer" target="_blank">aohorodnyk: Mastodon Alias in Cloudflare</a>¹ I’m glad I set it up this way, but I wouldn’t recommend it for new instance admins as it is severely limiting in what is supportable.<a href="https://fedi.haugenh.us/tags/gotosocial" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GoToSocial</a> <a href="https://fedi.haugenh.us/tags/gts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GtS</a> <a href="https://fedi.haugenh.us/tags/fediadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FediAdmin</a> <a href="https://fedi.haugenh.us/tags/cloudflare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cloudflare</a> <a href="https://fedi.haugenh.us/tags/webfinger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebFinger</a>

🇺🇦𖤐AlderForrest 𖤐 🇺🇦Oma <a href="https://1m2lab.anvil.top/tags/nextcloud" rel="nofollow noopener noreferrer" target="_blank">#nextcloud</a> palvelin on nyt toiminnassa, ja säädetty kuntoon. Muutama havainto asiaan liittyen heille, jotka suunnittelevat itsehostaamista: 1) Nextcloud -asennuksen voi tehdä monella tapaa. Itse ajoin testin vuoksi asennukset <a href="https://1m2lab.anvil.top/tags/dietpi" rel="nofollow noopener noreferrer" target="_blank">#dietpi</a> distron, <a href="https://1m2lab.anvil.top/tags/snap" rel="nofollow noopener noreferrer" target="_blank">#snap</a> paketin ja <a href="https://1m2lab.anvil.top/tags/AIO" rel="nofollow noopener noreferrer" target="_blank">#AIO</a> (All-In-One) paketin kautta. 2) Dietpi distron kautta asennus on melko mutkaton prosessi, käyttöliittymä retromaisen tekstipohjainen. Asentuu raudalle ilman kontteja. Joutuu säätämään jälkikäteen, jos haluaa ajella reverse proxyn kautta. Jatkoon, jos säätäminen maistuupi. 3) Snap paketin kautta, asennus on myös melko suoraviivaista, muutaman komentorivikomennon syöttämistä. Asennus menee kontteihin, asennuksessa asentaa snap -version dockerista, josta piireissä ollaan montaa mieltä. Valkotaulun joutuu asentamaan erikseen omaan konttiin, ja on "pain in the rectal area" -tyyppistä. Myös reverse proxyn kanssa menee tappeluksi. Ei jatkoon. 4) AIO -asennus asentaa omiin kontteihin kaiken tarpeellisen, <a href="https://1m2lab.anvil.top/tags/borg" rel="nofollow noopener noreferrer" target="_blank">#borg</a> backupista ja valkotaulupalvelimesta lähtien. Hyvät ohjeet eri reverse proxy -vaihtoehdoille. Asennus verkkoselainpohjainen kontin kautta. Tämä valikoitui omaan purkkiini. 5) On todella harmillista, ettei missään vaihtoehdoista saa <a href="https://1m2lab.anvil.top/tags/social" rel="nofollow noopener noreferrer" target="_blank">#social</a> -aplikaatiota toimimaan aplikaatiossa <a href="https://1m2lab.anvil.top/tags/webfinger" rel="nofollow noopener noreferrer" target="_blank">#webfinger</a> -käsittelijässä lymyilevän bugin johdosta. Käänsin käytännössä kaikki kivet tuota debugatessa, ja lokien ja testien perusteella syy on apissa, ei itse nextcloud -raamissa. Jos kehitysporukka saisi tuon bugin torpattua, saisin uuden instanssin nextcloudista myös <a href="https://1m2lab.anvil.top/tags/fediverse" rel="nofollow noopener noreferrer" target="_blank">#fediverse</a> -perheeseen. 6) Integraatio mobiililaitteen kanssa onnistuu, valmiit apit ovat <a href="https://1m2lab.anvil.top/tags/android" rel="nofollow noopener noreferrer" target="_blank">#android</a> ja <a href="https://1m2lab.anvil.top/tags/iphone" rel="nofollow noopener noreferrer" target="_blank">#iphone</a> luureille. Itse jouduin debuggaaman oman S3 -purkkiservon kanssa, kun iPhonen appi virheili melkoisen määrän alussa. Syy löytyi lopulta <a href="https://1m2lab.anvil.top/tags/S3" rel="nofollow noopener noreferrer" target="_blank">#S3</a> servon ja <a href="https://1m2lab.anvil.top/tags/bucket" rel="nofollow noopener noreferrer" target="_blank">#bucket</a> -asetuksista. <a href="https://1m2lab.anvil.top/tags/selfhosting" rel="nofollow noopener noreferrer" target="_blank">#selfhosting</a> <a href="https://1m2lab.anvil.top/tags/asd" rel="nofollow noopener noreferrer" target="_blank">#asd</a> <a href="https://1m2lab.anvil.top/tags/adhd" rel="nofollow noopener noreferrer" target="_blank">#adhd</a> <a href="https://1m2lab.anvil.top/tags/erityismielenkiinnonkohteet" rel="nofollow noopener noreferrer" target="_blank">#erityismielenkiinnonkohteet</a>

Marcus Rohrmoser 🌻⁂ Create <a href="https://digitalcourage.social/tags/fediverse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fediverse</a> / <a href="https://digitalcourage.social/tags/webfinger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webfinger</a> interact <a href="https://digitalcourage.social/tags/bookmarklets" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bookmarklets</a> wit a <a href="https://digitalcourage.social/tags/CGI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CGI</a> / <a href="https://digitalcourage.social/tags/RFC3875" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RFC3875</a>. <a href="https://codeberg.org/mro/bookmarklet-interact" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://codeberg.org/mro/bookmarklet-interact</a> Sample <a href="https://digitalcourage.social/tags/deployment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#deployment</a> and <a href="https://digitalcourage.social/tags/soucecode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#soucecode</a>.Enjoy! ¹ <a href="https://mro.name/b4fzzac" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://mro.name/b4fzzac</a>

CarK :python:<a href="https://blog.fami.ga/@Thomas" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Thomas</a> Ich weiß zwar nicht genau, was <a href="https://social.tchncs.de/tags/WebFinger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebFinger</a> ist, aber es löst ziemlich sicher nicht das Problem, dass Leute – aus gut nach vollziehbaren Gründen – unterschiedliche Mailadressen für unterschiedliche Dienste (z.B. WeAct und Mastodon) verwenden.<a href="https://mastodon.social/@Stefan_S_from_H" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Stefan_S_from_H</a> <a href="https://mastodon.social/@campact" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@campact</a> <a href="https://social.heise.de/@heiseonline" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@heiseonline</a> <a href="https://digitalcourage.social/@digitalcourage" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@digitalcourage</a>

Thomas Ganter<a href="https://mastodon.social/@Stefan_S_from_H" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Stefan_S_from_H</a> Genau hier könnte ja, mit etwas gutem Willen, <a href="https://mastodon.social/@campact" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@campact</a> mittels <a href="https://blog.fami.ga/tags/WebFinger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebFinger</a> versuchen, zu der E-Mail-Adresse die man gerade im Schritt zuvor bestätigt hat schon mal einen Server zu identifizieren … <a href="https://social.tchncs.de/@cark" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@cark</a> <a href="https://social.heise.de/@heiseonline" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@heiseonline</a> <a href="https://digitalcourage.social/@digitalcourage" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@digitalcourage</a>

Chris Trottier<a class="u-url mention" href="https://cyberplace.social/@antoinnesterk" rel="nofollow noopener noreferrer" target="_blank">@antoinnesterk</a> Strictly speaking, <a class="hashtag" href="https://atomicpoet.org/tag/webfinger" rel="nofollow noopener noreferrer" target="_blank">#WebFinger</a> is not <a class="hashtag" href="https://atomicpoet.org/tag/finger" rel="nofollow noopener noreferrer" target="_blank">#finger</a> but is based on <a class="hashtag" href="https://atomicpoet.org/tag/finger" rel="nofollow noopener noreferrer" target="_blank">#finger</a>.

Chris TrottierFun fact: the <a class="hashtag" href="https://atomicpoet.org/tag/fediverse" rel="nofollow noopener noreferrer" target="_blank">#Fediverse</a> doesn’t just depend on <a class="hashtag" href="https://atomicpoet.org/tag/activitypub" rel="nofollow noopener noreferrer" target="_blank">#ActivityPub</a>. A good portion of it runs on <a class="hashtag" href="https://atomicpoet.org/tag/webfinger" rel="nofollow noopener noreferrer" target="_blank">#WebFinger</a>. It’s why we’re able to find each other across different servers running vastly different software.<a href="https://en.wikipedia.org/wiki/WebFinger" rel="nofollow noopener noreferrer" target="_blank">https://en.wikipedia.org/wiki/WebFinger</a> RE: <a href="https://atomicpoet.org/objects/6bc30357-bc44-4114-a036-1a6caaf3c42e" rel="nofollow noopener noreferrer" target="_blank">https://atomicpoet.org/objects/6bc30357-bc44-4114-a036-1a6caaf3c42e</a>

Dendrobatus AzureusHave you ever asked yourself how the BSD Café Mastodon instance was built?Stefano has written here what he has done. You should have at least rudimentary knowledge of what a jail is in order to follow everything and at least a simple manner.In short a jail is much more efficient than a VM, uses much less resources and it's easier to controlIf you take the time to Study all the subjects, you will be a will to build a freeBSD instance of Mastodon yourself; all the information necessary Is provided Here and Deep to very Deep details you can dig up yourself<a href="https://wiki.bsd.cafe/bsdcafe-technical-details" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://wiki.bsd.cafe/bsdcafe-technical-details</a>🖋️ <a href="https://mastodon.bsd.cafe/tags/bash" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bash</a> <a href="https://mastodon.bsd.cafe/tags/sh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sh</a> <a href="https://mastodon.bsd.cafe/tags/zsh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zsh</a> <a href="https://mastodon.bsd.cafe/tags/ksh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ksh</a> <a href="https://mastodon.bsd.cafe/tags/csh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#csh</a> <a href="https://mastodon.bsd.cafe/tags/tsh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tsh</a> <a href="https://mastodon.bsd.cafe/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#programming</a> <a href="https://mastodon.bsd.cafe/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JavaScript</a> <a href="https://mastodon.bsd.cafe/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mastodon</a> <a href="https://mastodon.bsd.cafe/tags/freeBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#freeBSD</a> <a href="https://mastodon.bsd.cafe/tags/ngix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ngix</a> <a href="https://mastodon.bsd.cafe/tags/json" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#json</a> <a href="https://mastodon.bsd.cafe/tags/POSIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#POSIX</a> <a href="https://mastodon.bsd.cafe/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialMedia</a> <a href="https://mastodon.bsd.cafe/tags/webfinger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webfinger</a>

Dendrobatus AzureusI have had an account on an instance where the System Operator had to shut down because the operational costs were too high to sustain the node. All proper precautions were made and the operator gave us more than six weeks to get all of our followers moved somewhere else. He also made sure that everybody got the message by sending it multiple times also through email. I've made an account there because that place was bot Friendly {<a href="https://botsin.space/}" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://botsin.space/}</a> and I was going to Create a bot on that instance However, since I put so few toots out there, on that account I didn't even bother to download them. And since I'm quite aware of high internet costs, I also make sure that I have accounts on different places because in the end somebody is paying for it either in cash or paying for it by using Surplus bandwidth and surplus disc area space.We as Fediverse Community users should realise that nothing is free apart from Air and Water; everything else cost either Time, Space_Time or Energy, often a combination of the latter two. I've just checked and <a href="https://botsin.space/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://botsin.space/</a> still seems to be up as a read-only instance. <a href="https://fuzzies.wtf/@altbot" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@altbot</a> 🖋️ <a href="https://mastodon.bsd.cafe/tags/bash" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bash</a> <a href="https://mastodon.bsd.cafe/tags/sh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sh</a> <a href="https://mastodon.bsd.cafe/tags/zsh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zsh</a> <a href="https://mastodon.bsd.cafe/tags/ksh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ksh</a> <a href="https://mastodon.bsd.cafe/tags/csh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#csh</a> <a href="https://mastodon.bsd.cafe/tags/tsh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tsh</a> <a href="https://mastodon.bsd.cafe/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#programming</a> <a href="https://mastodon.bsd.cafe/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JavaScript</a> <a href="https://mastodon.bsd.cafe/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mastodon</a> <a href="https://mastodon.bsd.cafe/tags/freeBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#freeBSD</a> <a href="https://mastodon.bsd.cafe/tags/ngix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ngix</a> <a href="https://mastodon.bsd.cafe/tags/json" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#json</a>  <a href="https://mastodon.bsd.cafe/tags/POSIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#POSIX</a> <a href="https://mastodon.bsd.cafe/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialMedia</a> <a href="https://mastodon.bsd.cafe/tags/webfinger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webfinger</a>

Dendrobatus AzureusMake sure that you always think about the data that you divulge to big companies. Use the Easy Storage knowing that they will use your data also even your copyrighted photographs. Within the Fediverse it's easy to own your data, very easy, always remember that and be thankful🖋️ <a href="https://mastodon.bsd.cafe/tags/bash" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bash</a> <a href="https://mastodon.bsd.cafe/tags/sh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sh</a> <a href="https://mastodon.bsd.cafe/tags/zsh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zsh</a> <a href="https://mastodon.bsd.cafe/tags/ksh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ksh</a> <a href="https://mastodon.bsd.cafe/tags/csh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#csh</a> <a href="https://mastodon.bsd.cafe/tags/tsh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tsh</a> <a href="https://mastodon.bsd.cafe/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#programming</a> <a href="https://mastodon.bsd.cafe/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JavaScript</a> <a href="https://mastodon.bsd.cafe/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mastodon</a> <a href="https://mastodon.bsd.cafe/tags/freeBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#freeBSD</a> <a href="https://mastodon.bsd.cafe/tags/ngix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ngix</a> <a href="https://mastodon.bsd.cafe/tags/json" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#json</a> <a href="https://mastodon.bsd.cafe/tags/POSIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#POSIX</a> <a href="https://mastodon.bsd.cafe/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialMedia</a> <a href="https://mastodon.bsd.cafe/tags/webfinger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webfinger</a>

Dendrobatus AzureusIn this article Stefano explains to you how to use a web finger system so that people can always find your addressAn important message here is that _you should always own your data_. So do not rely on cloud or web services to maintain your data. Always remember that many of those massive conglomerates use your data and sell it, literally sell it, or the metadata off it, to the highest bidderWithin the Fediverse it's easy to migrate from one server to the next, your followers will automatically follow your new account<a href="https://it-notes.dragas.net/2024/10/08/using-a-permanent-webfinger-address/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://it-notes.dragas.net/2024/10/08/using-a-permanent-webfinger-address/</a>🖋️ <a href="https://mastodon.bsd.cafe/tags/bash" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bash</a> <a href="https://mastodon.bsd.cafe/tags/sh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sh</a> <a href="https://mastodon.bsd.cafe/tags/zsh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zsh</a> <a href="https://mastodon.bsd.cafe/tags/ksh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ksh</a> <a href="https://mastodon.bsd.cafe/tags/csh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#csh</a> <a href="https://mastodon.bsd.cafe/tags/tsh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tsh</a> <a href="https://mastodon.bsd.cafe/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#programming</a> <a href="https://mastodon.bsd.cafe/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JavaScript</a> <a href="https://mastodon.bsd.cafe/tags/Mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mastodon</a> <a href="https://mastodon.bsd.cafe/tags/freeBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#freeBSD</a> <a href="https://mastodon.bsd.cafe/tags/ngix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ngix</a> <a href="https://mastodon.bsd.cafe/tags/json" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#json</a> <a href="https://mastodon.bsd.cafe/tags/POSIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#POSIX</a> <a href="https://mastodon.bsd.cafe/tags/SocialMedia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialMedia</a> <a href="https://mastodon.bsd.cafe/tags/webfinger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webfinger</a>

Maho Pacheco 🦝🍻A Guide to Implementing ActivityPub in a Static Site (or Any Website) - Part 8 is out!Follow the site here <a href="https://maho.dev/" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@blog</a> or check the article here: <a href="https://maho.dev/2025/01/a-guide-to-implementing-activitypub-in-a-static-site-or-any-website-part-8/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://maho.dev/2025/01/a-guide-to-implementing-activitypub-in-a-static-site-or-any-website-part-8/</a> <a href="https://hachyderm.io/tags/fediverse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fediverse</a> <a href="https://hachyderm.io/tags/activitypub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#activitypub</a> <a href="https://hachyderm.io/tags/static" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#static</a>-sites <a href="https://hachyderm.io/tags/hugo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hugo</a> <a href="https://hachyderm.io/tags/azure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#azure</a> <a href="https://hachyderm.io/tags/mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mastodon</a> <a href="https://hachyderm.io/tags/web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#web</a>-development <a href="https://hachyderm.io/tags/social" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#social</a>-web <a href="https://hachyderm.io/tags/webfinger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webfinger</a> <a href="https://hachyderm.io/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#http</a> <a href="https://hachyderm.io/tags/azure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#azure</a> <a href="https://hachyderm.io/tags/azurefunctions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#azurefunctions</a>

Fedify: an ActivityPub server frameworkFedifyのWebFinger実装における脆弱性<a href="https://github.com/dahlia/fedify/security/advisories/GHSA-c59p-wq67-24wx" rel="nofollow noopener noreferrer" target="_blank">CVE-2025-23221</a>に対するセキュリティアップデート（<a href="https://github.com/dahlia/fedify/releases/tag/1.0.14" rel="nofollow noopener noreferrer" target="_blank">1.0.14</a>、<a href="https://github.com/dahlia/fedify/releases/tag/1.1.11" rel="nofollow noopener noreferrer" target="_blank">1.1.11</a>、<a href="https://github.com/dahlia/fedify/releases/tag/1.2.11" rel="nofollow noopener noreferrer" target="_blank">1.2.11</a>、<a href="https://github.com/dahlia/fedify/releases/tag/1.3.4" rel="nofollow noopener noreferrer" target="_blank">1.3.4</a>）をリリースいたしました。すべてのユーザー様におかれましては、お使いのバージョンに応じた最新版への速やかなアップデートを推奨いたします。 脆弱性の詳細 セキュリティ研究者により、Fedifyの<code>lookupWebFinger()</code>関数において以下のセキュリティ上の問題が発見されました： <ul> <li>無限リダイレクトループによるサービス拒否攻撃（DoS）の可能性</li> <li>プライベートネットワークアドレスへのリダイレクトを利用したSSRF（サーバーサイドリクエストフォージェリ）攻撃の可能性</li> <li>リダイレクト操作による意図しないURLスキームへのアクセスの可能性</li> </ul> 修正されたバージョン <ul> <li>1.3.xシリーズ：<a href="https://github.com/dahlia/fedify/releases/tag/1.3.4" rel="nofollow noopener noreferrer" target="_blank">1.3.4</a>へアップデート</li> <li>1.2.xシリーズ：<a href="https://github.com/dahlia/fedify/releases/tag/1.2.11" rel="nofollow noopener noreferrer" target="_blank">1.2.11</a>へアップデート</li> <li>1.1.xシリーズ：<a href="https://github.com/dahlia/fedify/releases/tag/1.1.11" rel="nofollow noopener noreferrer" target="_blank">1.1.11</a>へアップデート</li> <li>1.0.xシリーズ：<a href="https://github.com/dahlia/fedify/releases/tag/1.0.14" rel="nofollow noopener noreferrer" target="_blank">1.0.14</a>へアップデート</li> </ul> 変更内容 本セキュリティアップデートでは、以下の修正が実施されました： <ol> <li>無限リダイレクトループを防ぐため、最大リダイレクト回数（5回）の制限を導入</li> <li>元のリクエストと同じスキーム（HTTP/HTTPS）のみにリダイレクトを制限</li> <li>SSRFを防止するため、プライベートネットワークアドレスへのリダイレクトをブロック</li> </ol> アップデート方法 以下のコマンドで最新のセキュアバージョンにアップデートできます： <pre><code># npmユーザーの場合 npm update @fedify/fedify # Denoユーザーの場合 deno add jsr:@fedify/fedify </code></pre> この脆弱性を責任を持って報告していただいたセキュリティ研究者の方に感謝申し上げます。迅速な対応が可能となりました。 本脆弱性の詳細については、<a href="https://github.com/dahlia/fedify/security/advisories/GHSA-c59p-wq67-24wx" rel="nofollow noopener noreferrer" target="_blank">セキュリティ勧告</a>をご参照ください。 ご質問やご懸念がございましたら、<a href="https://github.com/dahlia/fedify/discussions" rel="nofollow noopener noreferrer" target="_blank">GitHub Discussions</a>、<a href="https://matrix.to/#/#fedify:matrix.org" rel="nofollow noopener noreferrer" target="_blank">Matrixチャットスペース</a>、または<a href="https://discord.gg/bhtwpzURwd" rel="nofollow noopener noreferrer" target="_blank">Discordサーバー</a>までお気軽にご連絡ください。 <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/Fedify" target="_blank">#Fedify</a> <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/WebFinger" target="_blank">#WebFinger</a> <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3" target="_blank">#セキュリティ</a> <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/%E8%84%86%E5%BC%B1%E6%80%A7" target="_blank">#脆弱性</a> <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/DoS" target="_blank">#DoS</a> <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/SSRF" target="_blank">#SSRF</a>

Fedify: an ActivityPub server framework<a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/Fedify" target="_blank">#Fedify</a> 프레임워크의 <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/WebFinger" target="_blank">#WebFinger</a> 구현에서 발견된 보안 취약점 <a href="https://github.com/dahlia/fedify/security/advisories/GHSA-c59p-wq67-24wx" rel="nofollow noopener noreferrer" target="_blank">CVE-2025-23221</a>을 해결하기 위한 보안 업데이트(<a href="https://github.com/dahlia/fedify/releases/tag/1.0.14" rel="nofollow noopener noreferrer" target="_blank">1.0.14</a>, <a href="https://github.com/dahlia/fedify/releases/tag/1.1.11" rel="nofollow noopener noreferrer" target="_blank">1.1.11</a>, <a href="https://github.com/dahlia/fedify/releases/tag/1.2.11" rel="nofollow noopener noreferrer" target="_blank">1.2.11</a>, <a href="https://github.com/dahlia/fedify/releases/tag/1.3.4" rel="nofollow noopener noreferrer" target="_blank">1.3.4</a>)를 배포했습니다. 모든 사용자께서는 각자 사용 중인 버전에 해당하는 최신 버전으로 즉시 업데이트하시기를 권장합니다. 취약점 내용 보안 연구자가 Fedify의 <code>lookupWebFinger()</code> 함수에서 다음과 같은 보안 문제점들을 발견했습니다: <ul> <li>무한 리다이렉트 루프를 통한 서비스 거부 공격 가능</li> <li>내부 네트워크 주소로의 리다이렉트를 통한 SSRF (서버측 요청 위조) 공격 가능</li> <li>리다이렉트 조작을 통한 의도하지 않은 URL 스킴 접근 가능</li> </ul> 수정된 버전 <ul> <li>1.3.x 시리즈: <a href="https://github.com/dahlia/fedify/releases/tag/1.3.4" rel="nofollow noopener noreferrer" target="_blank">1.3.4</a>로 업데이트</li> <li>1.2.x 시리즈: <a href="https://github.com/dahlia/fedify/releases/tag/1.2.11" rel="nofollow noopener noreferrer" target="_blank">1.2.11</a>로 업데이트</li> <li>1.1.x 시리즈: <a href="https://github.com/dahlia/fedify/releases/tag/1.1.11" rel="nofollow noopener noreferrer" target="_blank">1.1.11</a>로 업데이트</li> <li>1.0.x 시리즈: <a href="https://github.com/dahlia/fedify/releases/tag/1.0.14" rel="nofollow noopener noreferrer" target="_blank">1.0.14</a>로 업데이트</li> </ul> 변경 사항 이번 보안 업데이트에는 다음과 같은 수정 사항이 포함되어 있습니다: <ol> <li>무한 리다이렉트 루프를 방지하기 위해 최대 리다이렉트 횟수 제한(5회) 도입</li> <li>원래 요청과 동일한 스킴(HTTP/HTTPS)으로만 리다이렉트 허용하도록 제한</li> <li>SSRF 공격 방지를 위해 내부 네트워크 주소로의 리다이렉트 차단</li> </ol> 업데이트 방법 다음 명령어로 최신 보안 버전으로 업데이트하실 수 있습니다: <pre><code># npm 사용자의 경우 npm update @fedify/fedify # Deno 사용자의 경우 deno add jsr:@fedify/fedify </code></pre> 이 취약점을 책임감 있게 보고해 주신 보안 연구자께 감사드립니다. 덕분에 신속하게 문제를 해결할 수 있었습니다. 이 취약점에 대한 자세한 내용은 <a href="https://github.com/dahlia/fedify/security/advisories/GHSA-c59p-wq67-24wx" rel="nofollow noopener noreferrer" target="_blank">보안 권고문</a>을 참고해 주시기 바랍니다. 문의 사항이나 우려 사항이 있으시다면 <a href="https://github.com/dahlia/fedify/discussions" rel="nofollow noopener noreferrer" target="_blank">GitHub Discussions</a>나 <a href="https://matrix.to/#/#fedify:matrix.org" rel="nofollow noopener noreferrer" target="_blank">Matrix 채팅방</a>, 또는 <a href="https://discord.gg/bhtwpzURwd" rel="nofollow noopener noreferrer" target="_blank">Discord 서버</a>를 통해 언제든 연락해 주시기 바랍니다. <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/%EB%B3%B4%EC%95%88" target="_blank">#보안</a> <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/%EB%B3%B4%EC%95%88%ED%8C%A8%EC%B9%98" target="_blank">#보안패치</a> <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/%EC%B7%A8%EC%95%BD%EC%A0%90" target="_blank">#취약점</a> <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/SSRF" target="_blank">#SSRF</a>

Fedify: an ActivityPub server frameworkWe have released <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/security" target="_blank">#security</a> updates (<a href="https://github.com/dahlia/fedify/releases/tag/1.0.14" rel="nofollow noopener noreferrer" target="_blank">1.0.14</a>, <a href="https://github.com/dahlia/fedify/releases/tag/1.1.11" rel="nofollow noopener noreferrer" target="_blank">1.1.11</a>, <a href="https://github.com/dahlia/fedify/releases/tag/1.2.11" rel="nofollow noopener noreferrer" target="_blank">1.2.11</a>, <a href="https://github.com/dahlia/fedify/releases/tag/1.3.4" rel="nofollow noopener noreferrer" target="_blank">1.3.4</a>) to address <a href="https://github.com/dahlia/fedify/security/advisories/GHSA-c59p-wq67-24wx" rel="nofollow noopener noreferrer" target="_blank">CVE-2025-23221</a>, a <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/vulnerability" target="_blank">#vulnerability</a> in <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/Fedify" target="_blank">#Fedify</a>'s <a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/WebFinger" target="_blank">#WebFinger</a> implementation. We recommend all users update to the latest version of their respective release series immediately. The Vulnerability A security researcher identified multiple security issues in Fedify's <code>lookupWebFinger()</code> function that could be exploited to: <ul> <li>Perform denial of service attacks through infinite redirect loops</li> <li>Execute server-side request forgery (<a class="mention hashtag" rel="nofollow noopener noreferrer" href="https://hollo.social/tags/SSRF" target="_blank">#SSRF</a>) attacks via redirects to private network addresses</li> <li>Access unintended URL schemes through redirect manipulation</li> </ul> Fixed Versions <ul> <li>1.3.x series: Update to <a href="https://github.com/dahlia/fedify/releases/tag/1.3.4" rel="nofollow noopener noreferrer" target="_blank">1.3.4</a></li> <li>1.2.x series: Update to <a href="https://github.com/dahlia/fedify/releases/tag/1.2.11" rel="nofollow noopener noreferrer" target="_blank">1.2.11</a></li> <li>1.1.x series: Update to <a href="https://github.com/dahlia/fedify/releases/tag/1.1.11" rel="nofollow noopener noreferrer" target="_blank">1.1.11</a></li> <li>1.0.x series: Update to <a href="https://github.com/dahlia/fedify/releases/tag/1.0.14" rel="nofollow noopener noreferrer" target="_blank">1.0.14</a></li> </ul> Changes The security updates implement the following fixes: <ol> <li>Added a maximum redirect limit (5) to prevent infinite redirect loops</li> <li>Restricted redirects to only follow the same scheme as the original request (HTTP/HTTPS)</li> <li>Blocked redirects to private network addresses to prevent SSRF attacks</li> </ol> How to Update To update to the latest secure version: <pre><code># For npm users npm update @fedify/fedify # For Deno users deno add jsr:@fedify/fedify </code></pre> We thank the security researcher who responsibly disclosed this vulnerability, allowing us to address these issues promptly. For more details about this vulnerability, please refer to our <a href="https://github.com/dahlia/fedify/security/advisories/GHSA-c59p-wq67-24wx" rel="nofollow noopener noreferrer" target="_blank">security advisory</a>. If you have any questions or concerns, please don't hesitate to reach out through our <a href="https://github.com/dahlia/fedify/discussions" rel="nofollow noopener noreferrer" target="_blank">GitHub Discussions</a>, join our <a href="https://matrix.to/#/#fedify:matrix.org" rel="nofollow noopener noreferrer" target="_blank">Matrix chat space</a>, or our <a href="https://discord.gg/bhtwpzURwd" rel="nofollow noopener noreferrer" target="_blank">Discord server</a>.

Recent searches

Search options

Administered by:

Server stats:

#webfinger