this post was submitted on 15 Aug 2023
17 points (100.0% liked)

hexbear

10441 readers
21 users here now

Hexbear Proposals chapo.chat matrix room.

This will be a place for site proposals and discussion before implementation on the site.
Every proposal will also be mirrored into a pinned post on the hexbear community.

Any other ideas for helping to integrate the two spaces are welcome to be commented here or messaged to me directly.

Within Hexbear Proposals you can see the history of all site proposals and react to them, indicating a vote for or against a proposal.

Sending messages will be restricted to verified and active hexbear accounts older than 1 month with their matrix id in their hexbear user profile.

All top level messages within the channel must be a Proposals (idea for changing the site), Feedback (regarding non-technical aspects of the site, for technical please use https://hexbear.net/c/feedback), or Appeals (regarding admin/moderator actions).

Discussion regarding these will be within nested threads under the post.

To gain matrix verification, all you need to do is navigate to my hexbear userprofile and click the send a secure private message including your hexbear username.

founded 4 years ago
MODERATORS
Ryaina@hexbear.net
ella@hexbear.net
CARCOSA@hexbear.net
sweet_pecan@hexbear.net
17
removed externally hosted image (lemmy.sdf.org)
submitted 2 years ago by wesker@lemmy.sdf.org to c/hexbear@hexbear.net
9 comments fedilink hide all child comments
 

I've noticed any time I try to share a picture with your instance it is filtered and replaced with *removed externally hosted image*. Seems a fairly stifling design choice, if federation is gonna be successful. Why won't you let me love you?

top 9 comments
sorted by: hot top controversial new old
[–] BoarAvoir@hexbear.net 20 points 2 years ago (1 children)

As others have mentioned, that was implemented in a hurry due to tightening up security and safety around embedded images. I've brought it up to the devs to hopefully rectify, as if an instance is trustworthy enough to federate with (aka, not actively malicious) then it is probably safe to show their embeds (behind a blur).

At the latest, this restriction will go away when lemmy upgrades to pictrs 0.5 which will support proxying image requests, but unless there are objections from the rest of the team we will likely add all federated instances to the image allowlist before then.

[–] wesker@lemmy.sdf.org 5 points 2 years ago

Thank you for the technical explanation, I understand now the current state.

[–] LesbianLiberty@hexbear.net 19 points 2 years ago (2 children)

AFAIK we have that enabled because there are tons of exploits that can happen when an image is loaded, namely IP Grabbing. Hopefully one day there'll be a built in function on Lemmy that allows images to be scraped and re-hosted on Hexbear so we don't have to think about its

[–] wesker@lemmy.sdf.org 8 points 2 years ago (1 children)

I get that. Unfortunately it breaks a large piece of functionality. Any time I try to share a local picture, it's going to by default be uploaded to my home instance.

[–] iridaniotter@hexbear.net 3 points 2 years ago (1 children)

I guess upload to imgur and hyperlink for now?

[–] wesker@lemmy.sdf.org 9 points 2 years ago (1 children)

I appreciate the suggestion. However imgur is gonna try to scrape 10x the info from anyone that visits that link, than allowing an inline image from my home instance. And I can't be that monster.

[–] iridaniotter@hexbear.net 2 points 2 years ago

Argh how frustrating!

[–] JoeByeThen@hexbear.net 2 points 2 years ago

This would be preferable.

[–] Finger@hexbear.net 7 points 2 years ago

no more half measures walter