Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.

  • @ttmrichter
    link
    01 year ago

    And yet has overwhelmingly cryptobros.