I do not, ActivityPub uses HTTP signatures to make sure messages and requests from other servers are legit,
Essentially, it adds a “signature” header which contains a link to a users public key, a list of headers in the message and a signed hash of all the headers and the request.
A delicated bot to scrape ActivityPub posts is possible, but generic bots shouldn’t work. If a delicated bot is made, people can block its keys or server anyway.
I do not, ActivityPub uses HTTP signatures to make sure messages and requests from other servers are legit,
Essentially, it adds a “signature” header which contains a link to a users public key, a list of headers in the message and a signed hash of all the headers and the request.
There’s a better explaination here: https://docs.joinmastodon.org/spec/security/
A delicated bot to scrape ActivityPub posts is possible, but generic bots shouldn’t work. If a delicated bot is made, people can block its keys or server anyway.
Sorry, forgot to whom I was speaking.
Signatures are only used to deliver activities to inboxes. The Activitypub json data of posts is usually available without any auth.
A lot of servers require signatures on GET requests as well, for private posts and to block specific people/servers.