Currently, when federating with other servers, Hollo loads external media files (such as avatars, header images, and attached media) directly from their original remote URLs. This direct-loading approach causes a couple of significant issues:
- CORS Restrictions
  - Some remote servers or object storage instances have strict, or sometimes unintentionally restrictive `Access-Control-Allow-Origin` configurations. This can prevent images from loading properly on the client side, complicate caching mechanisms, and break various UI components that need to read or process the image data.
- Security & Privacy Risks
  - Allowing the browser to fetch media directly from untrusted remote servers exposes the user's IP address to third parties. It also introduces the risk of the browser directly loading exploit payloads or tracking pixels disguised as media files.
To address these issues, I propose adding a media proxy feature, similar to those adopted by Misskey and other federated platforms.
(Note: The text of this issue was drafted with the assistance of an AI.)
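An added sketch of the two decisions such a proxy has to make, written for this page and not taken from the issue, Hollo, or Misskey: rewriting a remote media URL to a same-origin one, and vetting the upstream response before relaying it. The `/proxy/media` path, the function names, the `hollo.example` and `remote.example` hosts, the four-type image allowlist, and the chosen response headers are all assumptions.

```javascript
// Added example: hypothetical media-proxy helpers, not Hollo's code.
// Image types the proxy relays, each with the [offset, bytes] signatures
// the body must carry. SVG is left out because it can embed script.
const SIGNATURES = new Map([
  ["image/png", [[0, [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]]]],
  ["image/jpeg", [[0, [0xff, 0xd8, 0xff]]]],
  ["image/gif", [[0, [0x47, 0x49, 0x46, 0x38]]]],
  ["image/webp", [[0, [0x52, 0x49, 0x46, 0x46]], [8, [0x57, 0x45, 0x42, 0x50]]]],
]);

// Rewrite a remote media URL so the browser only ever contacts our origin;
// the remote server then sees the proxy's IP, not the user's.
function toProxyUrl(remoteUrl, proxyBase) {
  let remote;
  try { remote = new URL(remoteUrl); } catch { return null; }
  if (remote.protocol !== "https:" && remote.protocol !== "http:") return null;
  const out = new URL("/proxy/media", proxyBase); // hypothetical route
  out.searchParams.set("url", remote.href);
  return out.href;
}

// Given the upstream headers (lower-cased keys) and the first bytes of the
// body, return the headers to send to the browser, or null to refuse.
function vetUpstream(upstreamHeaders, firstBytes) {
  const declared = (upstreamHeaders["content-type"] || "")
    .split(";")[0].trim().toLowerCase();
  const signatures = SIGNATURES.get(declared);
  if (!signatures) return null; // not an allowlisted media type
  const bodyMatches = signatures.every(([offset, sig]) =>
    sig.every((byte, i) => firstBytes[offset + i] === byte));
  if (!bodyMatches) return null; // declared type disguises other content
  // Build fresh headers instead of copying upstream ones, so Set-Cookie and
  // a restrictive upstream Access-Control-Allow-Origin never reach the client.
  return {
    "content-type": declared,
    "access-control-allow-origin": "*", // assumption: media is public
    "x-content-type-options": "nosniff",
    "content-security-policy": "default-src 'none'; sandbox",
    "cache-control": "public, max-age=86400", // assumption: one-day cache
  };
}
```
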