Tracking the State HTTP Signature Route Aliases across Implementations #1054

New issue

Open

opened 2026-01-23 20:46:32 +00:00 by Oneric · 0 comments

Oneric commented 2026-01-23 20:46:32 +00:00

Owner

Copy link

With things having evolved since, this is kind of a successor to #731

There are two reasons why we curretnly allow route aliases when verifying signatures. First the query string confusion stemming from a historic long-standing Mastodon bug. Second a hardcoded extra set of aliases for frontend display URLs due to similar historic bugs Pleroma and Mastodon where they forg*t to resign when encountering redirects while fetching.

We likely won’t be able to completely get rid of the first one in the near future. However, we might if adoption improves eventually want to switch our prefernce order and reconsider how we sign our own outgoing requests.
But the second one is only relevant for manual fetches/searches when both the fetching instance is buggy wrt to redirects and the fetching user mistakenly copied the browser URL instead of using the "copy link" button (which in akko-fe now always prefers the canonical ID since AkkomaGang/akkoma-fe#459). Meaning once correctly resigning on redirects is sufficiently common we could drop this set of aliases (they incur extra cost since generating them requires a database lookup unlike the query-param aliases).

---

Handling of redirects per implementation

Correctly re-signs

• Bridgy (see: snarfed/bridgy-fed@8bd4192553/activitypub.py (L914) )
• Iceshrimp.NET (tested by initiating a display-url fetch with extra logging on Akkoma side)
• GtS (since: https://codeberg.org/superseriousbusiness/gotosocial/pulls/2798 )
• Akkoma (since #973)
• Mastodon (since https://github.com/mastodon/mastodon/pull/33757)

Unknown

• upub

Broken; doesn’t re-sign

• *key ( https://activitypub.software/TransFem-org/Sharkey/-/issues/1250 )
• snac (https://codeberg.org/grunfink/snac2/issues/533)
• Pleroma (as of 2.10.0)

---

---

Handling of query parameters per implementation

(last updated in January 2026)

Prefers with query-params; allows both for incoming

Unconditionally uses query-params for outgoing

• Iceshrimp.NET (see: Iceshrimp.Backend/Core/Federation/Cryptography/HttpSignature.cs )
• upub (see: alemidev/upub@d57fbb7696; has config options to toggle prefernce, but never a retry mechanism; before this commit only accepted with query-params)

Has retry mechansim to use query-less if with-query-params fails for outgoing

• GtS

Prefers without query-params; allows both for incoming

Unconditionally uses query-less for outgoing

• Akkoma
• Pleroma
• Sharkey; likely now other keys too (historically they required with query-params for incoming while at the same time always generating without query params for outgoing; see: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/966 )

Has retry mechanism to use with-query if query-less fails for outgoing

• Mastodon (see: https://github.com/mastodon/mastodon/issues/18638 and https://github.com/mastodon/mastodon/pull/28788)

Only accepts without query params

(none known)

Only accepts with query params

(none known)

Unknown

• snac

With things having evolved since, this is kind of a successor to #731 There are two reasons why we curretnly allow route aliases when verifying signatures. First the query string confusion stemming from a historic long-standing Mastodon bug. Second a hardcoded extra set of aliases for frontend display URLs due to similar historic bugs Pleroma and Mastodon where they forg*t to resign when encountering redirects while fetching. We likely won’t be able to completely get rid of the first one in the near future. However, we might if adoption improves eventually want to switch our prefernce order and reconsider how we sign our own outgoing requests. But the second one is only relevant for manual fetches/searches when both the fetching instance is buggy wrt to redirects _and_ the fetching user mistakenly copied the browser URL instead of using the "copy link" button *(which in akko-fe now always prefers the canonical ID since https://akkoma.dev/AkkomaGang/akkoma-fe/pulls/459)*. Meaning once correctly resigning on redirects is sufficiently common we could drop this set of aliases (they incur extra cost since generating them requires a database lookup unlike the query-param aliases). ---- ## Handling of redirects per implementation ### Correctly re-signs - Bridgy (see: https://github.com/snarfed/bridgy-fed/blob/8bd41925535f3bfe5df9904f5433a11e3fe10e18/activitypub.py#L914 ) - Iceshrimp.NET *(tested by initiating a display-url fetch with extra logging on Akkoma side)* - GtS (since: https://codeberg.org/superseriousbusiness/gotosocial/pulls/2798 ) - Akkoma (since #973) - Mastodon (since https://github.com/mastodon/mastodon/pull/33757) ### Unknown - upub ### Broken; doesn’t re-sign - \*key ( https://activitypub.software/TransFem-org/Sharkey/-/issues/1250 ) - snac (https://codeberg.org/grunfink/snac2/issues/533) - Pleroma (as of 2.10.0) ---- ---- ## Handling of query parameters per implementation *(last updated in January 2026)* ### Prefers with query-params; allows both for incoming #### Unconditionally uses query-params for outgoing - Iceshrimp.NET (see: [`Iceshrimp.Backend/Core/Federation/Cryptography/HttpSignature.cs`](https://iceshrimp.dev/iceshrimp/Iceshrimp.NET/src/commit/a601649600701defd7bcf4253c3964b9a58f300d/Iceshrimp.Backend/Core/Federation/Cryptography/HttpSignature.cs#L122) ) - upub (see: https://github.com/alemidev/upub/commit/d57fbb769638ecd911cc4b531834ad8719b473dc; has config options to toggle prefernce, but never a retry mechanism; before this commit only accepted with query-params) #### Has retry mechansim to use query-less if with-query-params fails for outgoing - GtS ### Prefers without query-params; allows both for incoming #### Unconditionally uses query-less for outgoing - Akkoma - Pleroma - Sharkey; likely now other keys too *(historically they required with query-params for incoming while at the same time always generating _without_ query params for outgoing; see: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/966 )* #### Has retry mechanism to use with-query if query-less fails for outgoing - Mastodon (see: https://github.com/mastodon/mastodon/issues/18638 and https://github.com/mastodon/mastodon/pull/28788) ### Only accepts without query params *(none known)* ### Only accepts with query params *(none known)* ### Unknown - snac

Oneric added the

not a bug

label 2026-01-23 20:47:12 +00:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

elixir-1.14

stable

translations

ci-builds-otp28

ci

otp28

backfill-expiry

db-prune-beastmode-level-aggression

better-stats

customizable-docker-db

static-adminfe

bad-uploader-config-warning

docker

user-expiry-backfill

config-db-keys

ensure-scrubbers-loaded

otp26

code-shaking-does-not-go-brr

elixir1.15

circleci

backup-fixes

mod-task

policy

mrf-coolness

frontend-switcher-9000

contentMap

language-on-posts

rabbit

credo-on-pr

unify-http

normalise-markup-by-default

buildx

v3.18.0

v3.17.0

v3.16.0

v3.15.2

v3.15.1

v3.15.0

v3.14.1

v3.14.0

v2.8.0

v2.7.1

v3.13.3

v2.7.0

v3.13.2

v2.6.3

v3.13.1

v3.13.0

snac-3.12.1.2

v3.12.2

snac-3.12.1.1

v3.12.1

v3.12.0

v3.11.0

v2.6.2

v2.6.1

2.6.1

v2.6.0

v2.5.5

v3.10.4

v3.10.3

v3.10.2

v3.10.1

v3.10.0

v2.5.4

v2.5.3

v3.9.3

v3.9.2

v3.9.1

V3.9.0

2023.05

v3.8.0

v3.7.1

v3.7.0

v3.6.0

v3.5.0

v2.4.5

v3.4.0

v3.3.1

v2.4.4

v3.3.0

v3.2.3

v3.2.2

v3.2.1

stable-202209

v3.2.0

v3.1.0

stable-2022.07

v3.0.0

v0.0.1

v2.5.2-6

v2.5.2-5

v2.5.2-4

v2.5.2-3

v2.5.2-2

v2.5.2-1

v2.5.2

v2.5.1

v2.5.0-8

v2.5.0-7

v2.5.0-6

v2.5.0-5

v2.5.0-4

v2.5.0-3

v2.5.0-2

v2.5.0-1

v2.5.0

v2.4.3

pre-rebase

v2.4.2

v2.4.1

v2.4.0

soapbox-v1.1.1

soapbox-v1.1.0

soapbox-v1.0.0

v2.3.0

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.1

v2.1.0

v2.0.7

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.1.9

v1.1.8

v1.1.7

v1.1.6

v1.1.5

v1.1.4

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.91

v1.0.90

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

v0.9.0

Labels

Clear labels   

approved, awaiting change

  

broken setup

Issue arose from a misconfiguration by the admin, custom patches, manual db edits or similar

  

bug

Something is not working

  

cannot reproduce

  

configuration

This requires config changes

  

documentation

This is about human-readable docs

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

extremely low priority

  

feature request

Something new?

  

Fix it yourself

Support has been attempted

  

help wanted

Need some help

  

invalid

Something is wrong

  

mastodon_api

  

needs change/feedback

Issue or PR is stalled on response from the author or a third party

  

needs docs

  

needs tests

  

not a bug

  

not our bug

Bug in a dependency of ours (meaning we can't just fix it), or in another AP implementation or client interfacing with Akkoma (which needs to be fixed on their end)

  

planned

  

pleroma_api

  

privacy

  

question

More information is needed

  

static_fe

  

triage

  

wontfix

This won't be fixed

No labels

approved, awaiting change

broken setup

bug

cannot reproduce

configuration

documentation

duplicate

enhancement

extremely low priority

feature request

Fix it yourself

help wanted

invalid

mastodon_api

needs change/feedback

needs docs

needs tests

not a bug

not our bug

planned

pleroma_api

privacy

question

static_fe

triage

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

AkkomaGang/akkoma#1054

No description provided.