I notice often people might cross post something and say (for instance) cross posted from https://lemmy.ca/post/1916492 (random example which is the link that I just followed)
Is there any way to format a link like that so your home instance will just open it up so you’re still logged in and can interact with it?
The link I followed goes to the Canadian lemmy server but it’s actually looking at a post from beehaw.org, so it’s extra useless 😒
Eg, if we could use the !technology@beehaw.org part with an ID? something like 6769052!technology@beehaw.org and our home instance could parse it to a link, with some tools to make it easy to add?
EDIT: This isn’t a feature, but there is a github issue feature request at https://github.com/LemmyNet/lemmy/issues/2987 for exactly this
EDIT 2: appears to be a userscript solution, but i haven’t tried it. lives here though: https://git.kaki87.net/KaKi87/userscripts/src/branch/master/fediverseRedirector/README.md
I would prefer an OAuth-like solution where you can “Log in with” your home instance on other instances’ URLs.
Is there a way for your home instance to set a cross-site cookie, accessible by all federated servers, that would store its URL so that they automatically contact it for the login process? Setting up such a cookie should be optional but enabled by default on account creation, which would make federation very seamless. Ideally, it would happen without fetching JS from all federated servers, which would significantly load the tiny personal ones, although I doubt the technology is there.
Also, I assume that browsers block such cookies because they’ve been used to track people across websites.
And yeah, you could do that with browser extensions but you cannot get everyone to install one.
Is it so desirable to sent even more info, this time potentially non-public, if you decide to interact with the other instance?
This includes partial information about your online identity, namely identifying you uniquely. Not all instances should be considered trustworthy, so your log-in token may get re-used by a malicious instance to post things in your name here and there. Kind of a silly situation, favorable to spammers for example.
I don’t think the other site needs your login token. Assuming your home instance is
lemmy.menf.in
, I guess it would justlemmy.menf.in
lemmy.menf.in
that would verify your session with its own session token (if you don’t have automatic fediverse-wide login enabled, it will take you to a confirmation page first).lemmy.menf.in
. You can safely interact using your account now.Because the address bar URL remains the same, even non-technical users now understand that they’re viewing another instance while logged in via their own. Because this happens automatically for all instances whitelisted by
lemmy.menf.in
if you have automatic fediverse-wide login enabled, federation is now completely seemless and nobody complains. I understand that setting this up securely and compatibly might be difficult but could greatly simplify the UX because posts, comments, communities and user pages would have just one visible URL and no ambiguous IDs.Wouldn’t that overload popular instances even more? Right now, popular instances only need to accommodate their users, but with a “fediverse-wide” auth, soon they’ll also have to serve content to people who followed that popular link to their content?
I think the server load increase from cross-instance browsing will be low. The extra load only really comes when:
There’s also a question of perspective. If you approach federation with the mindset that it will be like the sort of SSO you get with using google products, microsoft ecosystem, or facebook to log in to many websites, then yes: it’s doesn’t look straightforward.
If you approach it with the perspective that the coupling between fediverse applications being more loosely coupled, and have the way email work in mind, then it is actually more natural. Each application can do their own thing, and provide all or partial compatibility with the fediverse. Think of a blog application, which rely on the fediverse only for the comment section of each blog posts, but also does other things specific to that application. Taking the example of email again, nobody thinks they should be able to log-in to microsoft outlook using their gmail account, or to gmail using their home-made account, in order to read and send emails.
There’s a narrative aspect to it too.