Conversation

Notices

1. verified neko :verified::verified::verified::makemeneko: (roboneko@bae.st)'s status on Tuesday, 28-Nov-2023 19:51:39 JST verified neko :verified::verified::verified::makemeneko:

   in reply to

   • Zergling_man
   • ren :shraggot:
   • this ad CAN be blocked, bitch
   @Zergling_man @kirby @teratology I'm not complaining about locking the instance down to require a login. I'm complaining about the whole "oh 404 you have a bad link" instead of just "403 fuck you auth or go away"
   
   and then the redirect goes and leaks the fact that the resource exists anyway. I wonder if it would do the redirect for DMs? not that knowing that the url exists matters in the slightest
   • † top dog :pedomustdie: likes this.
   • Zergling_man (zergling_man@sacred.harpy.faith)'s status on Tuesday, 28-Nov-2023 19:51:40 JST Zergling_man

     in reply to

     • ren :shraggot:
     • this ad CAN be blocked, bitch
     @roboneko @teratology @kirby He doesn't want j**rnos scraping it, probably.
   • verified neko :verified::verified::verified::makemeneko: (roboneko@bae.st)'s status on Tuesday, 28-Nov-2023 19:51:41 JST verified neko :verified::verified::verified::makemeneko:

     • Zergling_man
     • ren :shraggot:
     • this ad CAN be blocked, bitch
     @kirby @Zergling_man @teratology
     
     > 404 instead of 403 forbidden
     
     > but without the header it redirects to the appropriate FE url
     
     > FE is empty
     
     > mastoapi "not found"
     
     :angry: just 403 forbidden for public stuff WTF paranoia