Email or username:

Password:

Forgot your password?
Fediverse Test Suite

To all you #developers implementing #SSRF protections in your #fediverse applications...

We are all in favor of those protections. But!

Have a setting that lets projects like #FediTest override it. Otherwise how can anybody test interop on anything other than on the public internet?

Mastodon has a ALLOWED_PRIVATE_ADDRESSES setting, which is one way of doing it. Or just have a setting with a default value of what's disabled, and let people override it. Or whatever.

But we need something ...

1 comment
silverpill

@feditest if you're testing mitra, you can set federation.ssrf_protection_enabled to false (it was added in version 3.4.0)

Go Up