Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add peers API endpoint toggle to Server Settings #22810

Merged
merged 2 commits into from Jan 13, 2023
Merged

Add peers API endpoint toggle to Server Settings #22810

merged 2 commits into from Jan 13, 2023

Conversation

dariusk
Copy link
Contributor

@dariusk dariusk commented Dec 28, 2022
edited

This PR adds back the admin panel toggle for the api/v1/instance/peers endpoint, which was removed in #19407. It lives under Administration -> Site Settings -> Discovery.

image

This also expands the hint text to explain further what the endpoint is used for. Added a "Recommended" tag since it was recommended in v3 before it was removed.

Fixes #22222

@dariusk
Add peers endpoint toggle to Server Settings
e7bbb66 
This places the toggle under "Discovery" and expands the hint text to explain further what the endpoint is used for. Added a "Recommended" tag since it was recommended in v3 before it was removed.

Fixes mastodon#22222
@dariusk
i18n normalize step
254b89b
@dariusk dariusk mentioned this pull request Dec 28, 2022
Closed
@PinballsWizard
Copy link

Out of curiosity, is it possible to also restore activity_api_enabled (provides api/v1/instance/activity) which was similarly removed from the admin interface in the same change as peers_api_enabled?

@dariusk
Copy link
Contributor Author

dariusk commented Dec 29, 2022

@PinballsWizard Oh, good idea. I will certainly implement that in Hometown, and I will make a similar PR here too.

@dariusk
Copy link
Contributor Author

dariusk commented Dec 29, 2022

@PinballsWizard Done! See #22833

@dariusk
Copy link
Contributor Author

dariusk commented Dec 29, 2022

@Gargron I have noticed that the peers endpoint does not show suspended or silenced domains. Is that intended? If so I may need to change the wording here because that is an indirect information leakage about who you federate with.

For example, if mastodon.social is missing from the list, you could of course claim that your server has never discovered it, but that seems highly unlikely and someone could reasonably infer from peers that you block or silence the server.

@PinballsWizard PinballsWizard mentioned this pull request Dec 30, 2022
Merged
@ineffyble
Copy link
Member

@dariusk My understanding is that is intended, and I recently made a PR to fix the Misskey implementation to match.

ClearlyClaire
ClearlyClaire approved these changes Jan 2, 2023
View reviewed changes
Copy link
Contributor

@ClearlyClaire ClearlyClaire left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure “Discovery” (maybe a new “Other” section would make more sense) is the right fit for it, but otherwise I'm all for it.

@ClearlyClaire
Copy link
Contributor

@Gargron I have noticed that the peers endpoint does not show suspended or silenced domains. Is that intended? If so I may need to change the wording here because that is an indirect information leakage about who you federate with.

For example, if mastodon.social is missing from the list, you could of course claim that your server has never discovered it, but that seems highly unlikely and someone could reasonably infer from peers that you block or silence the server.

It is intended, as you don't want to make blocked servers any easier to discover, and a while ago, people misinterpreted the peers list to mean those were instances you were actively peering with.

@dariusk
Copy link
Contributor Author

dariusk commented Jan 3, 2023

It is intended, as you don't want to make blocked servers any easier to discover, and a while ago, people misinterpreted the peers list to mean those were instances you were actively peering with.

Just to be clear, I think this makes blocked servers easier to discover than simply listing out all known servers (through inference, as I mentioned in my example of mastodon.social) -- but also, yeah, I could see people interpret it as a list of servers you federate with and misunderstandings arising from that. I also certainly don't want my server potentially advertising the existence of the domains I have blocked. So I think the filtering of the list is a compromise but a decent one.

@ineffyble
Copy link
Member

It creates plausible deniability, which is enough. Maybe less plausible in the case of mastodon.social, but honestly I don't think anyone cares if someone's suspended m.s.

@Gargron Gargron merged commit d35fe3d into mastodon:main Jan 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Gargron Gargron Gargron approved these changes

@ClearlyClaire ClearlyClaire ClearlyClaire approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

/api/v1/instance/peers should be optional even on non-allowlist instances
5 participants
@dariusk @PinballsWizard @ineffyble @ClearlyClaire @Gargron