mirror of https://github.com/mastodon/mastodon.git
![]() ActivityPub spec section 3.2 reads > The client MUST specify an Accept header with the > `application/ld+json; profile="https://www.w3.org/ns/activitystreams"` > media type in order to retrieve the activity. Currently Mastodon omits the profile in its dereferences (but not the fetch service) and only lists application/ld+json as one of several possible types. This breaks spec and allows spec-compliant implementations to refuse any such fetch requests. Resolve this by adding the required profile and while at it, make the only spec-compliant type the first listed choice in all relevant places. While unlikely to be a problem due to other parts already including a profile, also keep a profile-less JSON-LD type where it existed before to ensure this doesn't break federation with a hypothetical buggy implemenetation relying on this current Mastodon quirk. Section 7 also specifies the same media type MUST be used in the Content-Type header of for POST requests, but here we can't specify alternatives, so for now keep the current type. Fixes a part of https://github.com/mastodon/mastodon/issues/22720 |
||
---|---|---|
.. | ||
chewy | ||
controllers | ||
helpers | ||
javascript | ||
lib | ||
mailers | ||
models | ||
policies | ||
presenters | ||
serializers | ||
services | ||
validators | ||
views | ||
workers |