nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpq9ve6074u75qp3d5gdcwxa2rk6j4fra0jyupx2d8h3cr2lkvge2rqr05u8c the only reason to exclude the /inbox route is if you are finding a lot of bots and sc...
@pasjrwoctx👽 Sorry, I mean the /inbox route from the check
$is_fediverse =
str_contains($request, '/.well-known/') ||
str_contains($request, '/activitypub/') ||
str_contains($request, '/api/') ||
str_contains($request, '/assets/') ||
str_contains($request, '/inbox');
You could also check for Request-Type headers.
A cookie can be faked, you should consider to store the OK in the session instead?
$is_fediverse =
str_contains($request, '/.well-known/') ||
str_contains($request, '/activitypub/') ||
str_contains($request, '/api/') ||
str_contains($request, '/assets/') ||
str_contains($request, '/inbox');
You could also check for Request-Type headers.
A cookie can be faked, you should consider to store the OK in the session instead?
2