Forbid remote URLs for avatars/banners (fixes #1618) #2132

Merged Mar 18, 2022 (1 commit)

@Nutomic Nutomic commented Mar 14, 2022

No description provided.

@dessalines

This would break federated avatars and banners, which we do allow to be remote: Ex: https://lemmy.ml/c/genzedong@lemmygrad.ml

Why is it necessary to have potentially hundreds of copies of these images on every instance? I don't think the security implications of seeing an IP viewing a picture are nearly as negative as wasting hard drive space by pointlessly duplicating images tons of times.

We need a decentralized picture store that shares hosting costs, rather than continuing this same problem of having every platform duplicate and host the same images sometimes 9 times. The duplication is fine for tiny info like text, but we really shouldn't allow it for resource-constrained self-hosted servers.

If we did add something like this, it'd have to be after we choose to cache these locally.

@Nutomic Nutomic commented Mar 17, 2022

No, it doesn't break that. The icon/banner on that page are loaded directly from lemmygrad.ml, as you can check for yourself with browser dev tools. And the federation checks verify exactly that, that images are from the same domain as the actor (so for a lemmygrad.ml community, icon/banner have to be hosted on lemmygrad.ml as well). This is very unlikely to break anything, because lemmy-ui only provides an upload button for images, no raw URL input. So the only way to have images which fail these checks would be with raw API calls (or with a different client).

I have no idea how you get the idea that there are hundreds of copies of these images. Again, they are loaded directly from the original instance, without being copied onto any other instance. Maybe you are thinking of Mastodon, which caches remote images for privacy reasons.
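
The same-domain rule described in the comment above, sketched as an added example that is not part of this thread and not Lemmy's code. The `Actor` struct, the function names and the sample URLs are hypothetical, and "same domain" is assumed to mean an exact host match with the port ignored.

```rust
// Added example, not Lemmy's code. Host extraction is std-only and fails closed;
// production code should rely on a real URL parser such as the `url` crate.

/// Lowercased host of an http(s) URL, or None if it cannot be parsed safely.
fn host_of(url: &str) -> Option<String> {
    let rest = url
        .strip_prefix("https://")
        .or_else(|| url.strip_prefix("http://"))?;
    // The authority ends at the first '/', '\', '?' or '#'.
    let authority = rest.split(|c: char| matches!(c, '/' | '\\' | '?' | '#')).next()?;
    // Skip userinfo ("user@"), then drop an optional ":port".
    let host = authority.rsplit('@').next()?.split(':').next()?;
    let valid = !host.is_empty()
        && host.chars().all(|c| c.is_ascii_alphanumeric() || c == '-' || c == '.');
    if valid { Some(host.to_ascii_lowercase()) } else { None }
}

/// Hypothetical actor shape: `id` is the actor URL, images are optional URLs.
struct Actor<'a> {
    id: &'a str,
    icon: Option<&'a str>,
    banner: Option<&'a str>,
}

/// Ok when every image present is served from the actor's own host (assumed
/// here to mean an exact host match); Err names the first offending field.
fn check_actor_images(actor: &Actor) -> Result<(), &'static str> {
    let home = host_of(actor.id).ok_or("id")?;
    for (name, image) in [("icon", actor.icon), ("banner", actor.banner)] {
        if let Some(url) = image {
            if host_of(url).as_deref() != Some(home.as_str()) {
                return Err(name);
            }
        }
    }
    Ok(())
}

fn main() {
    // Constructed sample: banner uses userinfo to look like the home instance.
    let actor = Actor {
        id: "https://lemmygrad.ml/c/genzedong",
        icon: Some("https://lemmygrad.ml/img/icon.png"),
        banner: Some("https://lemmygrad.ml@images.example/banner.png"),
    };
    println!("{:?}", check_actor_images(&actor)); // Err("banner")
}
```

Comparing parsed hosts rather than string prefixes is what keeps look-alike URLs (userinfo, a trusted name used as a subdomain label) from passing the check.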

@dessalines dessalines enabled auto-merge (squash) March 18, 2022 15:32
@dessalines dessalines merged commit bcf7ec6 into main Mar 18, 2022