Thomas Steiner (@tomayac)

@firt Absolutely. Thatâ€™s completely not working as intended. But one step earlier: probably file:// URLs should not have been shareable to begin with and throw an error instead, since your file:// isnâ€™t accessible to me, so (to me) it doesnâ€™t make (

11:56 PM, Aug 25th, 2020 via Twitter for iPhone in reply to firt

@firt Thatâ€™s my worry, too. If so, it just takes someone with a jailbroken device to figure out interesting files and their paths to shareâ€¦ This is a surprisingly easy attack. I checked the spec (https://t.co/x9waELmlx5 â†’ https://t.co/2b3vMNDP9O), a

11:50 PM, Aug 25th, 2020 via Twitter for iPhone

@srescio @raymondcamden Yes, browsers other than Safari on iOS internally use WKWebView, and the Web Share API is exposed there (https://t.co/A7rVyX9fEB). I just tested this on Chrome for iOS.

11:38 PM, Aug 25th, 2020 via Echofon

Wow, this Web Share API bug â¤µï¸ is concerning.

const pwn = () => {
navigator.share({
text: ‘Check out this cute kitten!’,
url: ‘file:///etc/passwd’,
});
};

Turns out Safari actually shares the _contents_ of /etc/passwords, and allows for

11:27 PM, Aug 25th, 2020 via Echofon

Fast, personalized, and private by design on all platforms: introducing a new ðŸ¦Š @Firefox for Android experience. This looks pretty exciting, and it includes access to some popular extensions like uBlock Origin. https://t.co/k9zZLrSNBd

11:06 PM, Aug 25th, 2020 via Twitter for iPhone

@felipehoffa @takidau @ElliottBrossard @SnowflakeDB Congratulations on the new role! ðŸŽˆ

10:57 PM, Aug 25th, 2020 via Echofon in reply to felipehoffa

@Rich_Harris @mathias @AMPhtml Oh, tracked as https://t.co/r109zlqzq9 already. Didnâ€™t see all thread responses, sorry.

10:55 PM, Aug 25th, 2020 via Echofon

@Rich_Harris @mathias Have you filed an @AMPhtml bug? The team has been really responsive when I filed the infamous âš¡ï¸ issue (https://t.co/snoUxhbCxz).

10:48 PM, Aug 25th, 2020 via Echofon

@rustybrick @victorpan Obviously the Chrome extension (https://t.co/A1WGHGfady) works on Edge, too, but if you prefer staying in the Edge ecosystem, you can install Link to Text Fragment from the Edge Add-on Store: https://t.co/EwRQZiWC4H. And, shh ðŸ¤«,

9:08 PM, Aug 25th, 2020 via Twitter for iPhone

taybenlor Just used @samthor’s “Undoer” (github.com/samthor/undoer) to add native cmd+z undoing to a web app. So exceedingly smooth and easy. Web is good.

2:09 PM, Aug 25th, 2020 via Twitter Web App (retweeted on 3:10 PM, Aug 25th, 2020 via Echofon)

@lilyraynyc #:~:text=insert%20your%20words works as long as â€œinsert your wordsâ€ appears exactly once on a page. Sometimes you want to link to a _specific_ instance of ambiguous text. This is where Link to Text Fragment excels: https://t.co/yLeEpp49E3.

1:07 PM, Aug 25th, 2020 via Twitter Web App

@cemper Thanks for the shoutout! ðŸ˜Š

8:37 AM, Aug 25th, 2020 via Echofon

RT @samthor: Hey web Twitter ðŸ•¸ï¸, I wrote a post on better understanding `load` and `DOMContentLoaded`, mostly around why they’re not alwaysâ€¦

8:35 AM, Aug 25th, 2020 via Echofon

← August 24th August 26th →