💾 Archived View for jacksonchen666.com › posts › 2023-06-25 › 22-31-40 › index.gmi captured on 2024-05-12 at 15:24:21. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-11-04)

-=-=-=-=-=-=-

Authorized Fetch in Mastodon: Probably Important

2023-06-25 20:31:40Z (last updated 2023-10-16 08:55:03Z)

I defederated mastodon.social. So in theory, it doesn't have my later posts.

Except mastodon.social has my later posts, somehow.

Posts as recent as 2023-06-17 are showing up, while I defederated mastodon.social on 2023-05-14. That's odd, why is that happening?

Well, I had Authorized fetch turned off at the time (to test some things). And I turned it back on later.

So far, I haven't seen a newer post than 2023-06-17 on mastodon.social.

Authorized fetch mode

Authorized fetch is a configuration option applied at the instance level. The option seems to be a Mastodon 4.0.0 thing (where they deleted a different set of UIs which forced JavaScript on logged out users too).

Authorized fetch mode

With authorized fetch, it requires all instances to contact your instance to get stuff, instead of other instances redistributing your stuff. This makes it possible to *enforce* domain blocks so that you can't see them and they can't see you. Well, at least that's my rough understanding of it.

Given that I have blocked mastodon.social at the instance level, with authorized fetch mode it should be not really possible for mastodon.social to get my posts. Without authorized fetch mode, it could be possible for mastodon.social to get my posts, which is something.

Should you enable authorized fetch mode on your instance?

Answer: Maybe, maybe not, maybe yes. I don't know and I'm not your decision maker, so go read the docs and make a judgement yourself.

Authorized fetch mode

More about authorized fetch

Blog post about authorized fetch

public inbox (comments and discussions)

public inbox archives

(mailing list etiquette for public inbox)