Bookmarks tagged security

Rebased: Bypassing user and domain fetch blocks
24 Jan gitlab.com
"Threads.net has joined the Fediverse, and it is already blocking some servers. It uses a feature called Authorized fetch to ensure those servers cannot even fetch content from Threads. If your server is blocked, you can work around it by configuring a separate domain on your Rebased install to use only for fetching data."
#fediverse + #security
URLInputSource can be abused to retrieve arbitrary documents if used naïvely
22 Nov 2023 github.com
Describes 5 potential attacks related to context retrieval.
#json-ld + #security
Guide to implementing OAuth 2.0 (with examples)
18 Sep 2023 infisical.com
Learn how to implement the OAuth 2.0 protocol with practical examples and important nuances you should be aware of.
#oauth2 + #security
OAuth 2.0 Simplified
18 Sep 2023 www.oauth.com
OAuth 2.0 Simplified is a guide to building an OAuth 2.0 server.
#oauth2 + #security
SocialCG/ActivityPub/Authentication Authorization
18 Sep 2023 www.w3.org
(2017) Unofficial (non-normative) discussion of authentication and authorization for ActivityPub.
#activitypub + #security