Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
en.osm.town is one of the many independent Mastodon servers you can use to participate in the fediverse.
An independent, community of OpenStreetMap people on the Fediverse/Mastodon. Funding graciously provided by the OpenStreetMap Foundation.

Administered by:

Server stats:

261
active users

en.osm.town: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.8

#cookie

2 posts2 participants1 post today
Public
Felix Palmen :freebsd: :c64:

Just released: #swad 0.5

swad is the "Simple Web Authentication Daemon", meant to add authentication using a #cookie and a #login form to your reverse proxy. It's designed for #nginx' "auth_request" module. It's written in pure #C with very few external dependencies (zlib, and depending on build options OpenSSL/LibreSSL and #PAM).

And with this release, it also allows guest logins using the crypto puzzle you may already know from #Anubis!

Read more in the release notes, grab the .tar.xz and build/install it 😎

github.com/Zirias/swad/release

Public
Felix Palmen :freebsd: :c64:

Just released: #swad v0.3!

github.com/Zirias/swad/release

swad is the "Simple Web Authentication Daemon", your tiny, efficient and (almost) dependency-free solution to add #cookie + login #form #authentication to whatever your #reverse #proxy offers. It's written in pure #C, portable across #POSIX platforms. It's designed with #nginx' 'auth_request' in mind, example configurations are included.

This release brings a file-based credential checker in addition to the already existing one using #PAM. Also lots of improvements, see details in the release notes.

I finally added complete build instructions to the README.md:

github.com/Zirias/swad

And there's more documentation available: manpages as well as a fully commented example configuration file.

Public
Felix Palmen :freebsd: :c64:

Just released: #swad v0.2

SWAD is the "Simple Web Authentication Daemon", meant to add #cookie #authentication with a simple #login form and configurable credential checker modules to a reverse #proxy supporting to delegate authentication to a backend service, like e.g. #nginx' "auth_request". It's a very small piece of software written in pure #C with as little external dependencies as possible. It requires some #POSIX (or "almost POSIX", like #Linux, #FreeBSD, ...) environment, OpenSSL (or LibreSSL) for TLS and zlib for response compression.

Currently, the only credential checker module available offers #PAM authentication, more modules will come in later releases.

swad 0.2 brings a few bugfixes and improvements, especially helping with security by rate-limiting the creation of new sessions as well as failed login attempts. Read details and grab it here:

github.com/Zirias/swad/release

New features: Configurable rate-limits for new session creation Configurable rate-limits for failed login attempts (per session, realm and user name) Configurable types of proxy headers (X-Forward...
GitHubRelease swad 0.2 · Zirias/swadNew features: Configurable rate-limits for new session creation Configurable rate-limits for failed login attempts (per session, realm and user name) Configurable types of proxy headers (X-Forward...
Public
Felix Palmen :freebsd: :c64:

Released: #swad v0.1 🥳

Looking for a simple way to add #authentication to your #nginx reverse proxy? Then swad *could* be for you!

swad is the "Simple Web Authentication Daemon", written in pure #C (+ #POSIX) with almost no external dependencies. #TLS support requires #OpenSSL (or #LibreSSL). It's designed to work with nginx' "auth_request" module and offers authentication using a #cookie and a login form.

Well, this is a first release and you can tell by the version number it isn't "complete" yet. Most notably, only one single credentials checker is implemented: #PAM. But as pam already allows pretty flexible configuration, I already consider this pretty useful 🙈

If you want to know more, read here:
github.com/Zirias/swad

GitHubGitHub - Zirias/swad: Simple Web Authentication DaemonSimple Web Authentication Daemon. Contribute to Zirias/swad development by creating an account on GitHub.
Public
utzer [Pleroma]
Ich wollte nur ein #Rezept für #Pasta. Bekommen hab ich:
• 7 #SEO-optimierte Pseudo-Blogs mit 30.000 Zeichen Lebensgeschichte
• 4 Seiten mit 37 Werbebannern pro Scroll
• 3 #Affiliate-Schleudern mit Amazon-Links zu Knoblauchpressen
• und einen #Cookie-Banner, der mich emotional erpressen will.

Am Ende hab ich ein #LLM gefragt – nicht, weil’s schöner ist, sondern weil die #Suchmaschine kaputt ist. Willkommen im #BullshitWeb: Wenn du nicht klickst, existierst du nicht. Und wenn du klickst, willst du danach eigentlich nur noch offline leben.
Public
Stiftung Datenschutz

📢Österreich: VwGH-Entscheidung zu #Cookie-Bannern

Der VwGH bestätigt: Eine erschwerte Cookie-Ablehnung verstößt gegen die #DSGVO.🔗ris.bka.gv.at/Dokument.wxe?Abf

@privacyDE (Stiftung Datenschutz):

„Noch immer verstoßen viele Cookie-Banner gegen gesetzliche Vorgaben. Oft wird die Ablehn-Funktion hinter sog. Dark Patterns versteckt. Dabei handelt es sich um ein Design, das das Auffinden der Ablehn-Funktion erschwert. Die österreichische Entscheidung stärkt das Recht der Nutzenden.“

ris.bka.gv.atRIS - Ra 2024/04/0424 - Entscheidungstext - Verwaltungsgerichtshof (VwGH)
#TeamDatenschutz
Public *
Frederik Borgesius

New pre-print online:

‘The EU Digital Services Act: what does it mean for online advertising and adtech?’

By Pieter Wolters and me.

We explore the question: what does the Digital Services Act mean for online advertising?

We show that some types of ad tech companies, such as ad networks, should be considered platforms.

Comments are welcome! It's a pre-print, so we can still improve it.

arxiv.org/abs/2503.05764

Screenshot of the paper abstract. It says: 'We describe and analyse the DSA rules that are most relevant for online advertising and adtech (advertising technology). We also highlight to what extent the DSA's advertising rules add something to the rules in the General Data Protection Regulation (GDPR) and the ePrivacy Directive. The DSA introduces several specific requirements for online advertising. First, the DSA imposes transparency requirements in relation to advertisements. Second, very large online platforms (VLOPs) should develop a publicly available repository with information about the ads they presented. Third, the DSA bans profiling-based advertising (behavioural advertising) if it uses sensitive data or if it targets children. Besides these specific provisions, the general rules of the DSA on illegal content also apply to advertising. Advertisements are a form of information, and thus subject to the general DSA rules. Moreover, we conclude that the DSA applies to some types of ad tech companies. For example, ad networks, companies that connect advertisers to publishers of apps and websites, should be considered platforms. Some ad networks may even qualify as VLOPs. Hence, ad networks must comply with the more general obligations in the DSA. The application of these general rules to advertisements and ad networks can have far-reaching effects that have been underexplored and deserve further research.' (We deleted some sentences here because of the word limit)
#eu#law#dsa
ExploreLive feeds
About