I’ve noticed any time I try to share a picture with your instance it is filtered and replaced with *removed externally hosted image*. Seems a fairly stifling design choice, if federation is gonna be successful. Why won’t you let me love you?
You must log in or register to comment.
As others have mentioned, that was implemented in a hurry due to tightening up security and safety around embedded images. I’ve brought it up to the devs to hopefully rectify, as if an instance is trustworthy enough to federate with (aka, not actively malicious) then it is probably safe to show their embeds (behind a blur).
At the latest, this restriction will go away when lemmy upgrades to pictrs 0.5 which will support proxying image requests, but unless there are objections from the rest of the team we will likely add all federated instances to the image allowlist before then.
Thank you for the technical explanation, I understand now the current state.
AFAIK we have that enabled because there are tons of exploits that can happen when an image is loaded, namely IP Grabbing. Hopefully one day there’ll be a built in function on Lemmy that allows images to be scraped and re-hosted on Hexbear so we don’t have to think about its
I get that. Unfortunately it breaks a large piece of functionality. Any time I try to share a local picture, it’s going to by default be uploaded to my home instance.
I guess upload to imgur and hyperlink for now?
I appreciate the suggestion. However imgur is gonna try to scrape 10x the info from anyone that visits that link, than allowing an inline image from my home instance. And I can’t be that monster.
Argh how frustrating!
This would be preferable.
no more half measures walter
