ATProto Browser

Experimental browser for the Atmosphere

Post

In which I survey CSRF countermeasures and existing Go libraries and propose we add CrossOriginForgeryHandler to net/http to solve this once and for all. Turns out there is no need for tokens or keys in 2025! Browsers just send a This-Is-CSRF header now. (Sort of.) https://github.com/golang/go/iss

May 7, 2025, 4:36 PM

Loading post...

Record data

{
  "uri": "at://did:web:kopper.d.on-t.work/app.bsky.feed.like/3lonh2dvpmd2k",
  "cid": "bafyreid3n7cfrkueagswaimjjezmk2qhn2hl7zh7uzabsgkgmsxcpybrey",
  "value": {
    "$type": "app.bsky.feed.like",
    "subject": {
      "cid": "bafyreigcrbyw6qrelmnnwajubzo6syxfcnv7r4j62mxzbeootvjplzeb4q",
      "uri": "at://did:plc:x2nsupeeo52oznrmplwapppl/app.bsky.feed.post/3loltfoh7ut2y"
    },
    "createdAt": "2025-05-08T08:01:07.688Z"
  }
}