Thomas Steiner (@tomayac)

Now at @tomayac@toot.cafe

The below is an off-site archive of all tweets posted by @tomayac ever

August 25th, 2020

@rotexdegba @craigbuckler No, on Android the file:// URL gets shared as a literal string, whereas Safari shares the actual file contents.

via Twitter Web App in reply to rotexdegba

We now have 3 LGTMs for the Native File System API to ship: https://t.co/ITSLgvmzBU. This is _super_ exciting 😆 and probably the most popular Project Fugu 🐡 API to date. Here’s how you can use it today: https://t.co/shVZOeZ2mQ.

via Twitter for iPhone

@DasSurma ¯\_(ツ)_/¯ Well…

via Echofon in reply to DasSurma

@kristoferbaxter @RReverser Safari 14 additionally correctly reports image/webp as being supported. ✅

via Echofon in reply to kristoferbaxter

@firt Absolutely. That’s completely not working as intended. But one step earlier: probably file:// URLs should not have been shareable to begin with and throw an error instead, since your file:// isn’t accessible to me, so (to me) it doesn’t make (

via Twitter for iPhone in reply to firt

@firt That’s my worry, too. If so, it just takes someone with a jailbroken device to figure out interesting files and their paths to share… This is a surprisingly easy attack. I checked the spec (https://t.co/x9waELmlx5 → https://t.co/2b3vMNDP9O), a

via Twitter for iPhone

@srescio @raymondcamden Yes, browsers other than Safari on iOS internally use WKWebView, and the Web Share API is exposed there (https://t.co/A7rVyX9fEB). I just tested this on Chrome for iOS.

via Echofon

Wow, this Web Share API bug ⤵️ is concerning.

const pwn = () => {
navigator.share({
text: ‘Check out this cute kitten!’,
url: ‘file:///etc/passwd’,
});
};

Turns out Safari actually shares the _contents_ of /etc/passwords, and allows for

via Echofon

Fast, personalized, and private by design on all platforms: introducing a new 🦊 @Firefox for Android experience. This looks pretty exciting, and it includes access to some popular extensions like uBlock Origin. https://t.co/k9zZLrSNBd

via Twitter for iPhone

@Rich_Harris @mathias @AMPhtml Oh, tracked as https://t.co/r109zlqzq9 already. Didn’t see all thread responses, sorry.

via Echofon

@Rich_Harris @mathias Have you filed an @AMPhtml bug? The team has been really responsive when I filed the infamous ⚡️ issue (https://t.co/snoUxhbCxz).

via Echofon

@rustybrick @victorpan Obviously the Chrome extension (https://t.co/A1WGHGfady) works on Edge, too, but if you prefer staying in the Edge ecosystem, you can install Link to Text Fragment from the Edge Add-on Store: https://t.co/EwRQZiWC4H. And, shh 🤫,

via Twitter for iPhone

taybenlor Just used @samthor’s “Undoer” (github.com/samthor/undoer) to add native cmd+z undoing to a web app. So exceedingly smooth and easy. Web is good.

via Twitter Web App (retweeted on 3:10 PM, Aug 25th, 2020 via Echofon)

@lilyraynyc #:~:text=insert%20your%20words works as long as “insert your words” appears exactly once on a page. Sometimes you want to link to a _specific_ instance of ambiguous text. This is where Link to Text Fragment excels: https://t.co/yLeEpp49E3.

via Twitter Web App

@cemper Thanks for the shoutout! 😊

via Echofon

RT @samthor: Hey web Twitter 🕸️, I wrote a post on better understanding `load` and `DOMContentLoaded`, mostly around why they’re not always…

via Echofon