[chore] remove nollamas middleware for now (after discussions with a security advisor) (#4433)

i'll keep this on a separate branch for now while i experiment with other possible alternatives, but for now both our hacky implementation especially, and more popular ones (like anubis) aren't looking too great on the deterrent front: https://github.com/eternal-flame-AD/pow-buster Co-authored-by: tobi <tobi.smethurst@protonmail.com> Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4433 Co-authored-by: kim <grufwub@gmail.com> Co-committed-by: kim <grufwub@gmail.com>
2025-10-29 06:42:25 -05:00 · 2025-09-17 14:16:53 +02:00 · 2025-09-17 14:16:53 +02:00 · 6801ce299a
commit 6801ce299a
parent 247733aef4
28 changed files with 207 additions and 1395 deletions
--- a/docs/locales/zh/configuration/advanced.md
+++ b/docs/locales/zh/configuration/advanced.md
@ -149,21 +149,4 @@ advanced-csp-extra-uris: []
 # 选项: ["block", "allow", ""]
 # 默认: ""
 advanced-header-filter-mode: ""
-
-# 布尔值。启用基于工作量证明的爬虫威慑机制，
-# 作用于账户页和贴文页面。这将为每个 HTTP 客户端生成一个唯一确定
-# 的质询，需要由客户端在访问上述端点时完成。
-# 完成后，客户端会获得一个 Cookie，允许其在 1 小时窗口内免验证访问。
-#
-# 这样做的结果是，它理论上使得对这些端点的抓取在经济上变得不可行，
-# 同时对你自己的实例的性能影响可以忽略不计。
-#
-# 缺点是它要求客户端启用 JavaScript。
-#
-# 更多详情请查阅文档：
-# https://docs.gotosocial.org/zh-cn/latest/admin/scraper_deterrence
-#
-# 选项: [true, false]
-# 默认值: true
-advanced-scraper-deterrence: false
 ```