lowercase trans lesbian. queen of the stone age. makes (& makes love to) weird music, weird games, and weird women
• avatar by monday
i got a good one recently - PayPal money request for about $1500 from "Don't recognize this transaction? Call PayPal 1-855-<not their support line>. Apple Store"
proud of the spammers for figuring out injection attacks I guess
still can’t believe we let websites do this at all. I know some developers pillory Safari for not supporting WebUSB or whatever zany thing Chrome came up with this week, but there are a bunch of places it’s hard to argue it shouldn’t have drawn a stricter line.
the good news is the standardised web notification API avoids this by prompting the user with the site domain, not an arbitrary site name like this, may this Safari-specific thing be deprecated out of existence soon
Ah, I just looked it up and apparently before WN-API, Apple had SPN, which used the Apple Push Notifications service. Interesting choice.
Seems WN-API was added in Safari 16, which is, er, the contemporary Safari, and Apple docs recommend (currently) to continue using SPN if you were already using it, for the time being.
Let's hope that changes after this year's WWDC.
i can't believe sites can just do this now, this image makes me want to go feral
it's wild that the dark pattern of this notification message guides users to click Allow, when it ought to be doing the opposite