Authorized Fetch Circumvented by Alt-Right Developers
(wedistribute.org)
from deadsuperhero@lemmy.world to fediverse@lemmy.world on 26 Dec 2023 19:27
https://lemmy.world/post/10001725
from deadsuperhero@lemmy.world to fediverse@lemmy.world on 26 Dec 2023 19:27
https://lemmy.world/post/10001725
Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.
threaded - newest