MattiJarvinen
commented
6 years ago If this is still true, this must be fixed.
Open jomo opened 7 years ago
MattiJarvinen
commented
6 years ago If this is still true, this must be fixed.
Otherwise users could be forced to unwittingly follow users by embedding a follow link on a third party site.
For example embedding https://mastodon-bridge.herokuapp.com/friends/4512/follow as an image somewhere will cause you to follow me as soon as the page loads, without you knowing, when you're logged in to mastodon-bridge.