
1021 points janpio | 1 comments
arccy ◴[] No.45676475[source]
If you're going to host user content on subdomains, then you should probably have your site on the Public Suffix List https://publicsuffix.org/list/ . That should eventually make its way into various services so they know that a tainted subdomain doesn't taint the entire site....
CaptainOfCoit ◴[] No.45677080[source]
I think it's somewhat tribal webdev knowledge that if you host user generated content you need to be on the PSL otherwise you'll eventually end up where Immich is now.

I'm not sure how people who haven't already hit this very issue before are supposed to know about it beforehand though, it's one of those things that you don't really come across until you're hit by it.

tonyhart7 ◴[] No.45677257[source]
so it's a skill issue??? or just Google being bad????
yndoendo ◴[] No.45677435[source]
I will go with Google being bad / evil for 500.

Google 90s to 2010 is nothing like Google 2025. There is a reason they removed "Don't be evil" ... being evil and authoritarian makes more money.

Looking at you Manifest V2 ... pour one out for your homies.

1. lucideer ◴[] No.45678538[source]
Don't get me wrong, Google is bad/evil in many ways, but the public suffix list exists to solve a real risk to users. Google is flagging this for a legit reason in this particular case.
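
The site boundary the thread is discussing, as an added example that is not part of any comment above: a Python sketch of the Public Suffix List matching rules (normal, wildcard and exception) over a constructed rule excerpt, showing how listing a hosting domain as a private suffix turns each user subdomain into its own registrable domain. `usercontent.example` is a hypothetical hosting domain and the function names are this example's own.

```python
# Constructed sample in PSL file format (not the real list).
# "usercontent.example" stands in for a hypothetical user-content host.
SAMPLE_PSL = """\
// ===BEGIN ICANN DOMAINS===
com
uk
co.uk
*.ck
!www.ck
// ===BEGIN PRIVATE DOMAINS===
usercontent.example
"""

def parse_rules(text):
    """Return the set of rules, skipping comments and blank lines."""
    rules = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("//"):
            rules.add(line.split()[0].lower())
    return rules

def public_suffix(host, rules):
    """Longest matching rule wins; an exception rule (!) overrides it."""
    labels = host.lower().rstrip(".").split(".")
    best = 1  # implicit "*" rule: the last label alone is a suffix
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if "!" + candidate in rules:
            # Exception rule: the suffix is the rule minus its leftmost label.
            return ".".join(labels[i + 1:])
        wildcard = "*." + ".".join(labels[i + 1:])
        if candidate in rules or (i + 1 < len(labels) and wildcard in rules):
            best = max(best, len(labels) - i)
    return ".".join(labels[-best:])

def registrable_domain(host, rules):
    """Public suffix plus one label, or None if host is itself a suffix."""
    labels = host.lower().rstrip(".").split(".")
    suffix_len = len(public_suffix(host, rules).split("."))
    if len(labels) <= suffix_len:
        return None
    return ".".join(labels[-(suffix_len + 1):])

def same_site(a, b, rules):
    """True when both hosts share one registrable domain."""
    ra, rb = registrable_domain(a, rules), registrable_domain(b, rules)
    return ra is not None and ra == rb
```

With the private rule present, `alice.usercontent.example` and `bob.usercontent.example` are different sites; with it removed, both collapse into `usercontent.example`, so a consumer of the list that scopes a flag by registrable domain would apply it to the whole host.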