• cm0002@infosec.pubOPEnglish
      1·
      17 days ago

      It’s a feature of Lemmy where your instance will proxy image links for you, it can be useful in some cases to do things like bypass regional censorships (If you can access your home instance from your country, but not instance lemmy.example.com your home instance can proxy the image from lemmy.example.com so you can still see it (text is handled by federation already, so no proxy required for just text)) or to cache images in case an instance goes down

      But it seems to be poorly implemented where it’s end user experience is a pain at best, and the more aggressive it’s set the more annoying it is.

      Take for example this instance I’m currently on, infosec.pub, they seem to have it set to aggressively replace all image links including in comments no matter what.

      So now my attempt to reply to this comment https://infosec.pub/comment/20590443 is utterly broken because the image service just doesn’t like it despite me just wanting to link to the off-site gif link manually typing the markdown instead.

      This is what that gif looks like proxied:

      https://infosec.pub/api/v3/image_proxy?url=https%3A%2F%2Fi.ibb.co%2F8gHKNsT1%2Fmichael-scott-why.gif

      • StellarExtract@lemmy.zipEnglish
        1·
        17 days ago

        A good thing about proxying is that it prevents auto-loading of resources from potentially malicious domains. For instance, I could make an image comment containing an image link to a server I control. When you reply to my comment, since you clearly have seen my comment, I can now look at my server logs and see the IP addresses of everyone who viewed my image. I now know that your IP address is in that list.