@malwaretech seems like passing the link metadata along with message content would probably be a good idea
@sam @malwaretech "manually" editing the metadata probably would end in abuse/phishing 🤔
@melizeche @malwaretech that would require the instance itself to be acting maliciously though, right? I, as a tooter, can't manipulate that metadata
@sam @malwaretech it would depend if the metadata collection is done in the client or in the server
But as an admin of a instance you could mess with that, like for all users of the instance
Even worse, you could mess with it for all people who view a post made on your instance. So, if fedi instance evil.com publishes a post with a link to good.com, evil.com could choose to include a fake preview and have every other instance display that fake preview. Now, when I see a preview of good.com, I expect that this preview can be manipulated only by good.com and _my_ instance.
Please note that I'm *not* talking about trusting your own instance, but post author's instance.
@robryk @melizeche @malwaretech oh ok i gotcha, misread