ActivityPub Viewer

A small tool to view real-world ActivityPub objects as JSON! Enter a URL or username from Mastodon or a similar service below, and we'll send a request with the right Accept header to the server to view the underlying object.

Open in browser →
{ "@context": [ "https://www.w3.org/ns/activitystreams", { "ostatus": "http://ostatus.org#", "atomUri": "ostatus:atomUri", "inReplyToAtomUri": "ostatus:inReplyToAtomUri", "conversation": "ostatus:conversation", "sensitive": "as:sensitive", "toot": "http://joinmastodon.org/ns#", "votersCount": "toot:votersCount", "Hashtag": "as:Hashtag" } ], "id": "https://mastodon.bsd.cafe/users/zirias/statuses/114516097583061890", "type": "Note", "summary": null, "inReplyTo": null, "published": "2025-05-16T06:29:37Z", "url": "https://mastodon.bsd.cafe/@zirias/114516097583061890", "attributedTo": "https://mastodon.bsd.cafe/users/zirias", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://mastodon.bsd.cafe/users/zirias/followers" ], "sensitive": false, "atomUri": "https://mastodon.bsd.cafe/users/zirias/statuses/114516097583061890", "inReplyToAtomUri": null, "conversation": "tag:bsd.cafe,2025-05-16:objectId=17041511:objectType=Conversation", "content": "<p>Good morning! ☕ </p><p>Now that I can&#39;t find any other bugs in <a href=\"https://mastodon.bsd.cafe/tags/swad\" class=\"mention hashtag\" rel=\"tag\">#<span>swad</span></a> any more, I&#39;m thinking again about how I could improve it.</p><p>Would anyone consider deploying it on a busy site right now? Either as a replacement for <a href=\"https://mastodon.bsd.cafe/tags/Anubis\" class=\"mention hashtag\" rel=\"tag\">#<span>Anubis</span></a> (proof-of-work against bots), or for simple non-federated <a href=\"https://mastodon.bsd.cafe/tags/authentication\" class=\"mention hashtag\" rel=\"tag\">#<span>authentication</span></a>, or maybe even both?</p><p>I&#39;m currently not sure how well it would scale. The reason is the design with server-side sessions, which is simple and very light-weight &quot;on the wire&quot;, but needs server-side RAM for each and every client. It&#39;s hard to guess how this would turn out on very busy sites.</p><p>So, I&#39;m thinking about moving to a stateless design. The obvious technical choice for that would be to issue a signed <a href=\"https://mastodon.bsd.cafe/tags/JWT\" class=\"mention hashtag\" rel=\"tag\">#<span>JWT</span></a> (Json Web Token), just like Anubis does it as well. This would have a few consequences though:</p><p>* OpenSSL/LibreSSL would be a hard build dependency. Right now, it&#39;s only needed if the proof-of-work checker and/or TLS support is enabled.<br />* You&#39;d need an X509 certificate in any case to operate swad, even without TLS, just for signing the JWTs.<br />* My current CSRF-protection would stop working (it&#39;s based on random tokens stored in the session). Probably not THAT bad, the login itself doesn&#39;t need it at all, and once logged in, the only action swad supports is logout, which then COULD be spoofed, but that&#39;s more an annoyance than a security threat... 🤔<br />* I would *still* need some server-side RAM for each and every client to implement the rate-limits for failed logins. At least, that&#39;s not as much RAM as currently.</p><p>Any thoughts? Should I work on going (almost) &quot;stateless&quot;?</p>", "contentMap": { "en": "<p>Good morning! ☕ </p><p>Now that I can&#39;t find any other bugs in <a href=\"https://mastodon.bsd.cafe/tags/swad\" class=\"mention hashtag\" rel=\"tag\">#<span>swad</span></a> any more, I&#39;m thinking again about how I could improve it.</p><p>Would anyone consider deploying it on a busy site right now? Either as a replacement for <a href=\"https://mastodon.bsd.cafe/tags/Anubis\" class=\"mention hashtag\" rel=\"tag\">#<span>Anubis</span></a> (proof-of-work against bots), or for simple non-federated <a href=\"https://mastodon.bsd.cafe/tags/authentication\" class=\"mention hashtag\" rel=\"tag\">#<span>authentication</span></a>, or maybe even both?</p><p>I&#39;m currently not sure how well it would scale. The reason is the design with server-side sessions, which is simple and very light-weight &quot;on the wire&quot;, but needs server-side RAM for each and every client. It&#39;s hard to guess how this would turn out on very busy sites.</p><p>So, I&#39;m thinking about moving to a stateless design. The obvious technical choice for that would be to issue a signed <a href=\"https://mastodon.bsd.cafe/tags/JWT\" class=\"mention hashtag\" rel=\"tag\">#<span>JWT</span></a> (Json Web Token), just like Anubis does it as well. This would have a few consequences though:</p><p>* OpenSSL/LibreSSL would be a hard build dependency. Right now, it&#39;s only needed if the proof-of-work checker and/or TLS support is enabled.<br />* You&#39;d need an X509 certificate in any case to operate swad, even without TLS, just for signing the JWTs.<br />* My current CSRF-protection would stop working (it&#39;s based on random tokens stored in the session). Probably not THAT bad, the login itself doesn&#39;t need it at all, and once logged in, the only action swad supports is logout, which then COULD be spoofed, but that&#39;s more an annoyance than a security threat... 🤔<br />* I would *still* need some server-side RAM for each and every client to implement the rate-limits for failed logins. At least, that&#39;s not as much RAM as currently.</p><p>Any thoughts? Should I work on going (almost) &quot;stateless&quot;?</p>" }, "attachment": [], "tag": [ { "type": "Hashtag", "href": "https://mastodon.bsd.cafe/tags/swad", "name": "#swad" }, { "type": "Hashtag", "href": "https://mastodon.bsd.cafe/tags/anubis", "name": "#anubis" }, { "type": "Hashtag", "href": "https://mastodon.bsd.cafe/tags/authentication", "name": "#authentication" }, { "type": "Hashtag", "href": "https://mastodon.bsd.cafe/tags/jwt", "name": "#jwt" } ], "replies": { "id": "https://mastodon.bsd.cafe/users/zirias/statuses/114516097583061890/replies", "type": "Collection", "first": { "type": "CollectionPage", "next": "https://mastodon.bsd.cafe/users/zirias/statuses/114516097583061890/replies?min_id=114516942639876453&page=true", "partOf": "https://mastodon.bsd.cafe/users/zirias/statuses/114516097583061890/replies", "items": [ "https://mastodon.bsd.cafe/users/zirias/statuses/114516942639876453" ] } }, "likes": { "id": "https://mastodon.bsd.cafe/users/zirias/statuses/114516097583061890/likes", "type": "Collection", "totalItems": 3 }, "shares": { "id": "https://mastodon.bsd.cafe/users/zirias/statuses/114516097583061890/shares", "type": "Collection", "totalItems": 1 } }