Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.

    • stoy
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      1
      ·
      11 months ago

      He thought he was funny, he repeated what the above poster said to repeat.