this post was submitted on 06 Aug 2022
21 points (92.0% liked)
Lemmy
12510 readers
11 users here now
Everything about Lemmy; bugs, gripes, praises, and advocacy.
For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Content Security Policy, this defines which domains may be used from the main site domain, this blocks different kinds of attacks but has the effect that random domains cannot be embedded
So it can be solved by whitelisting known safe domains such as catbox.moe who provides sharing media and such!
that would be possible, it would require "trusted" embed sources, e.g. youtube or catbox or whatever. i know of another reddit type clone site which has their own official video host and pic host that allow embed but they block others
this would have to be the same on all instances for federated articles to work, so that would be a problem