Your IP is visible

Anyone who comments can grab it

    • v9CYKjLeia10dZpz88iU@programming.devOP
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      4 months ago

      It’s not a huge risk. These images used to be in signatures on forums frequently. Though, I thought it was possible that some users might be surprised that an instance admin doesn’t need to disclose their IP for someone else to have access to it.

  • poVoq@slrpnk.net
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    This is fixed with Lemmy 0.19.4/5 on instances that have the new image proxy enabled.

  • refalo@programming.dev
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    How would an image know what the person’s lemmy username is? I assume it can’t directly know that?

    • v9CYKjLeia10dZpz88iU@programming.devOP
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      In another comment, I said

      I’m not logging them. Though I guess it’s possible someone could create a mostly private post and @ a user to have it show up in their inbox. The point being that some communities do not have many users, so the list of users will not be very long. There definitely are groups who have been granted much larger dragnets than the sizes of many communities here.

      Though, I agree, I think they’ll just have a list of IPs unless they’re using a browser that still supports third party cookies (and have other previous tracking information)

  • v9CYKjLeia10dZpz88iU@programming.devOP
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    4 months ago

    Your IP is visible

    Anyone who comments can grab it


    I noticed there doesn’t seem to be whitelisted image hosts, so it looks like any commenter can grab your IP. This might be obvious to people who have used forums in the past, but I think reddit used a whitelist. I thought some people might appreciate being reminded.

    • v9CYKjLeia10dZpz88iU@programming.devOP
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      I’m not logging them. Though I guess it’s possible someone could create a mostly private post and @ a user to have it show up in their inbox. The point being that some communities do not have many users, so the list of users will not be very long. There definitely are groups who have been granted much larger dragnets than the sizes of many communities here.

  • mox@lemmy.sdf.org
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    I block off-site images. It gives a kind of interesting view into how my instance is handling things: Many comment/post images show up as blank placeholders, but some do render, letting me know that my local admins are either caching or proxying them. It’s mostly recent ones that show up, so I assume it’s a cache.