Lartsch / FediAct

For some reason this extension breaks all usage of the Alkami software, which is used by tons of banks and credit unions. For some reason after login it redirects people to api/v1/instance despite Alkami not existing. I don't know why it redirects to that endpoint either, as that just seems weird.

From what I can see more than just Alkami software is affected. The login on login.ionos.de, also breaks.

My assumption is that the extra request on every load of any page breaks the login flow on the server side.

With some tinkering and "remembering" if a website is a mastodon instance or not this could be avoided and we could save unneeded requests to actual instances too.

FediAct/src/inject.js

Lines 1501 to 1507 in 75cd8bb

    
           // last check - and probably the most accurate to determine if it actually is mastadon 
        
           var requestUrl = location.protocol + '//' + location.hostname + instanceApi 
        
           // call instance api to confirm its mastodon and get normalized handle uri 
        
           var response = await requestAsyncLimited("GET", requestUrl, null, null) 
        
           // todo: add basic check for "mastodon" string in response 
        
           if (response) { 
        
           	var uri = JSON.parse(response).uri

As a temporary workaround, add the EXACT domain (so for my example "login.ionos.de") to the blacklist.

	// last check - and probably the most accurate to determine if it actually is mastadon
	var requestUrl = location.protocol + '//' + location.hostname + instanceApi
	// call instance api to confirm its mastodon and get normalized handle uri
	var response = await requestAsyncLimited("GET", requestUrl, null, null)
	// todo: add basic check for "mastodon" string in response
	if (response) {
	var uri = JSON.parse(response).uri

FediAct breaks common credit union banking software