I strongly encourage you to demand your Mastodon instance use AUTHORIZED_FETCH.

The basic story is this:
If you block someone, you can’t see them & their posts, etc. BUT without AF, they can still see you & your posts.

What does AUTHORIZED_FETCH actually do?
https://hub.sunny.garden/2023/06/28/what-does-authorized_fetch-actually-do/

Why AUTHORIZED_FETCH isn’t defaulted on… Knowing what I now know, I would move to a new instance if my admin would not turn AF on. It’s a huge security issue.

It’s a stalkers field day without AUTHORIZED_FETCH.

@Yehuda

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.