Have you considered adding CORS header (Access-Control-Allow-Origin: *) to avatar image responses? Gravatar uses it and it allows fetching avatars without cookies or any other tracking information through <img src="..." crossorigin=anonymous>
More details here: https://developer.mozilla.org/en-US/docs/Web/HTML/CORS_settings_attributes
Yes! It works! Thank you. Now I can enable anonymous requests for avatar. For the record here’s my test page that shows that CORS works as expected:
A place for your photos and banter. Photog first is our motto
- photog.social doesn't monetize or profit off of your personal information
- Export and leave anytime
- Zero tolerance for harassment or bullying, if you do this your account will be deleted
- All content is ©️ each user and cannot be distributed or used without prior permission by the respective photog.social user
- By using this site you understand that it is not a backup or permanent repository for your information, statuses or media ; additionally, your media was downsized on original upload and is not exportable at this time upon transferring to new instance
- You may support the community by boosting and positively interacting with everyone
- No Loli
- No Bots w/o Approval
- Respect Others
If you're feeling like supporting the photog.social Mastodon instance monetarily, feel free to choose an option below.
We appreciate it and 💘 the support!