• RonSijm@programming.dev
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Really neat, was hoping someone would build something like this. I’m not the biggest fan of the default Lemmy skin.

    But the login is a bit sketchy… I checked the network, and logging in just sends your credentials to their site (POST https://mlmym.org/programming.dev/) with the password in cleartext.

    Not saying that the developer has any bad intentions, but if anything is misconfigured, like nginx logging incoming requests or something, it would be a security disaster if someone would somehow be able to access it

    I don’t know if this is a limitation of Lemmy / ActivityPub but I’d prefer if the auth happened directly to the Lemmy instance.

  • mark@programming.dev
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    Looked around and it’s impressive they were able to replicate so much functionality! It doesnt seem to federate with other fedi platforms, though. At least it doesnt with Lemmy.