I do not, ActivityPub uses HTTP signatures to make sure messages and requests from other servers are legit,
Essentially, it adds a “signature” header which contains a link to a users public key, a list of headers in the message and a signed hash of all the headers and the request.
A delicated bot to scrape ActivityPub posts is possible, but generic bots shouldn’t work. If a delicated bot is made, people can block its keys or server anyway.
I do not, ActivityPub uses HTTP signatures to make sure messages and requests from other servers are legit,
Essentially, it adds a “signature” header which contains a link to a users public key, a list of headers in the message and a signed hash of all the headers and the request.
There’s a better explaination here: https://docs.joinmastodon.org/spec/security/
A delicated bot to scrape ActivityPub posts is possible, but generic bots shouldn’t work. If a delicated bot is made, people can block its keys or server anyway.
Signatures are only used to deliver activities to inboxes. The Activitypub json data of posts is usually available without any auth.
A lot of servers require signatures on GET requests as well, for private posts and to block specific people/servers.
Sorry, forgot to whom I was speaking.