mirror of https://github.com/mastodon/mastodon.git
70be92c897
ActivityPub spec section 3.2 reads > The client MUST specify an Accept header with the > `application/ld+json; profile="https://www.w3.org/ns/activitystreams"` > media type in order to retrieve the activity. Currently Mastodon omits the profile in its dereferences (but not the fetch service) and only lists application/ld+json as one of several possible types. This breaks spec and allows spec-compliant implementations to refuse any such fetch requests. Resolve this by adding the required profile and while at it, make the only spec-compliant type the first listed choice in all relevant places. While unlikely to be a problem due to other parts already including a profile, also keep a profile-less JSON-LD type where it existed before to ensure this doesn't break federation with a hypothetical buggy implemenetation relying on this current Mastodon quirk. Section 7 also specifies the same media type MUST be used in the Content-Type header of for POST requests, but here we can't specify alternatives, so for now keep the current type. Fixes a part of https://github.com/mastodon/mastodon/issues/22720 |
||
|---|---|---|
| .. | ||
| chewy | ||
| controllers | ||
| helpers | ||
| javascript | ||
| lib | ||
| mailers | ||
| models | ||
| policies | ||
| presenters | ||
| serializers | ||
| services | ||
| validators | ||
| views | ||
| workers | ||