ActivityPub Viewer

A small tool to view real-world ActivityPub objects as JSON! Enter a URL or username from Mastodon or a similar service below, and we'll send a request with the right Accept header to the server to view the underlying object.

Open in browser →
{ "@context": [ "https://www.w3.org/ns/activitystreams", { "ostatus": "http://ostatus.org#", "atomUri": "ostatus:atomUri", "inReplyToAtomUri": "ostatus:inReplyToAtomUri", "conversation": "ostatus:conversation", "sensitive": "as:sensitive", "toot": "http://joinmastodon.org/ns#", "votersCount": "toot:votersCount", "litepub": "http://litepub.social/ns#", "directMessage": "litepub:directMessage", "blurhash": "toot:blurhash", "focalPoint": { "@container": "@list", "@id": "toot:focalPoint" } } ], "id": "https://infosec.exchange/users/j_opdenakker/statuses/112003551586323565", "type": "Note", "summary": null, "inReplyTo": null, "published": "2024-02-27T12:56:07Z", "url": "https://infosec.exchange/@j_opdenakker/112003551586323565", "attributedTo": "https://infosec.exchange/users/j_opdenakker", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://infosec.exchange/users/j_opdenakker/followers" ], "sensitive": false, "atomUri": "https://infosec.exchange/users/j_opdenakker/statuses/112003551586323565", "inReplyToAtomUri": null, "conversation": "tag:infosec.exchange,2024-02-27:objectId=137370712:objectType=Conversation", "content": "<p>Password complexity policies and implementations episode 583.</p><p>In this example both UX and security (ok ok, admittedly a 72 character long password is quite secure ;)) are impacted.</p><p>But the point is you shouldn’t enforce such ‘low’ length limits. You might want to build in some length restriction though, as a DoS protection but that shouldn’t block people with a password manager that want to use 100 character long passwords.</p><p>Not going to rant again why but I suggest people to read publications like NIST 800-63B that specify guidelines about digital identity.</p><p>You actually need a lot less constraints than often are implemented in a lot of services, which also results in a better user experience.</p>", "contentMap": { "en": "<p>Password complexity policies and implementations episode 583.</p><p>In this example both UX and security (ok ok, admittedly a 72 character long password is quite secure ;)) are impacted.</p><p>But the point is you shouldn’t enforce such ‘low’ length limits. You might want to build in some length restriction though, as a DoS protection but that shouldn’t block people with a password manager that want to use 100 character long passwords.</p><p>Not going to rant again why but I suggest people to read publications like NIST 800-63B that specify guidelines about digital identity.</p><p>You actually need a lot less constraints than often are implemented in a lot of services, which also results in a better user experience.</p>" }, "attachment": [ { "type": "Document", "mediaType": "image/png", "url": "https://media.infosec.exchange/infosec.exchange/media_attachments/files/112/003/551/338/982/524/original/10a5efcd54560b76.png", "name": null, "blurhash": "U]JRaNayRjj[-;ayayj[00j[s:ayD%j[offQ", "width": 711, "height": 1150 } ], "tag": [], "replies": { "id": "https://infosec.exchange/users/j_opdenakker/statuses/112003551586323565/replies", "type": "Collection", "first": { "type": "CollectionPage", "next": "https://infosec.exchange/users/j_opdenakker/statuses/112003551586323565/replies?only_other_accounts=true&page=true", "partOf": "https://infosec.exchange/users/j_opdenakker/statuses/112003551586323565/replies", "items": [] } }, "likes": { "id": "https://infosec.exchange/users/j_opdenakker/statuses/112003551586323565/likes", "type": "Collection", "totalItems": 4 }, "shares": { "id": "https://infosec.exchange/users/j_opdenakker/statuses/112003551586323565/shares", "type": "Collection", "totalItems": 0 } }