FoundKey/packages
Hélène b600efae0d
BREAKING: activitypub: validate fetch signatures
Enforces HTTP signatures on object fetches, and rejects fetches from blocked
instances. This should mean proper and full blocking of remote instances.

This is now default behavior, which makes it a breaking change. To disable
it (mostly for development purposes), the configuration item
`allowUnsignedFetches` can be set to true. It is not the default for
development environments as it is important to have as close as possible
behavior to real environments for ActivityPub development.

Co-authored-by: nullobsi <me@nullob.si>
Co-authored-by: Norm <normandy@biribiri.dev>
Changelog: Added
2023-06-25 20:42:14 +02:00
..
backend BREAKING: activitypub: validate fetch signatures 2023-06-25 20:42:14 +02:00
client client: always forbid MFM overflow 2023-06-25 18:41:08 +02:00
foundkey-js docs: remove bannerColor 2023-06-05 23:39:43 +02:00
shared disable lint '@typescript-eslint/no-explicit-any' 2023-05-07 14:28:24 +02:00
sw update changelog and version number 2023-05-23 21:59:14 +02:00
meta.json refactoring 2021-11-12 02:02:25 +09:00