Pitch
The config flag DISALLOW_UNAUTHENTICATED_API_ACCESS (in conjunction with AUTHORIZED_FETCH which allows admins to enable so called "secure mode" requiring REST/Streaming API access) blocks public page previews unless the content is fetched via ActivtyPub (or the user is local).
At the moment, when visiting a user profile (via a web browser) on a server with these config flags enabled, you receive the 401 This method requires an authenticated user message - but as soon as you receive it, the web app makes another request for the same endpoint .../api/v1/accounts/1/statuses?exclude_replies=true and the message repeats and then the fetch repeats... - all without giving a clue as to why you are receiving the message.
The web app needs to recognise this status an show a more user friendly option similar to the remote follow modal:
| This page cannot be shown publicly |
| This instance has blocked public access . |
| To view this page, you will need a Mastodon account either on this server or use your existing account hosted by another Mastodon server or compatible platform if you don't have an account on this one. |
| On this server |
On a different server |
| Sign in |
Copy and paste this URL into the search field of your favourite Mastodon app or the web interface of your Mastodon server |
| Create account |
https://example.com/@profile [Copy] |
Motivation
This feature is needed to:
- Stop many many many API requests to profile pages on these instances
- Be clear to users as to why they cannot see the content to reduce confusion
Pitch
The config flag DISALLOW_UNAUTHENTICATED_API_ACCESS (in conjunction with AUTHORIZED_FETCH which allows admins to enable so called "secure mode" requiring REST/Streaming API access) blocks public page previews unless the content is fetched via ActivtyPub (or the user is local).
At the moment, when visiting a user profile (via a web browser) on a server with these config flags enabled, you receive the
401 This method requires an authenticated usermessage - but as soon as you receive it, the web app makes another request for the same endpoint .../api/v1/accounts/1/statuses?exclude_replies=true and the message repeats and then the fetch repeats... - all without giving a clue as to why you are receiving the message.The web app needs to recognise this status an show a more user friendly option similar to the remote follow modal:
Motivation
This feature is needed to: