lil5 :golang: 🌱 on Nostr: CRCF attacks are a limitation to cookie authentication, but that shouldn’t mean we ...
CRCF attacks are a limitation to cookie authentication, but that shouldn’t mean we should only use localstorage for our tokens, it should be a mix, cookies for session, localstorage for api/form requests
Published at
2024-10-04 14:14:09Event JSON
{
"id": "068b16db22bb067f1dab1d6990d1c7af89906f232c0b32ed2a7260993f976705",
"pubkey": "8ed343402c9ab3f96b13db31a354714b291ce0282425f449d6e03c9f6cce4f0c",
"created_at": 1728051249,
"kind": 1,
"tags": [
[
"proxy",
"https://fosstodon.org/@lil5/113249566685382543",
"web"
],
[
"proxy",
"https://fosstodon.org/users/lil5/statuses/113249566685382543",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://fosstodon.org/users/lil5/statuses/113249566685382543",
"pink.momostr"
],
[
"-"
]
],
"content": "CRCF attacks are a limitation to cookie authentication, but that shouldn’t mean we should only use localstorage for our tokens, it should be a mix, cookies for session, localstorage for api/form requests",
"sig": "10603daf30ac0baaa05244d8694e332c17de1e190f330f1b7b103dac7c84bae16ba6f6c5da3e33f40b1c2dba638ea03b4e052d7c5ef6b223080e431d7cb4fc02"
}
