web dracat
•
made:
internet-ti.me, @Watch, Wayback Classic, etc.
•
avatars appearing:
in 2D by nox lucent
in 3D by Zcythe
•
"If it were me, I'd have [changed] her design to make [her species] more visually clear" - some internet rando
•
I post embeds of other peoples' things at @ticky-reposts
i got a good one recently - PayPal money request for about $1500 from "Don't recognize this transaction? Call PayPal 1-855-<not their support line>. Apple Store"
proud of the spammers for figuring out injection attacks I guess
still can’t believe we let websites do this at all. I know some developers pillory Safari for not supporting WebUSB or whatever zany thing Chrome came up with this week, but there are a bunch of places it’s hard to argue it shouldn’t have drawn a stricter line.
the good news is the standardised web notification API avoids this by prompting the user with the site domain, not an arbitrary site name like this, may this Safari-specific thing be deprecated out of existence soon
Ah, I just looked it up and apparently before WN-API, Apple had SPN, which used the Apple Push Notifications service. Interesting choice.
Seems WN-API was added in Safari 16, which is, er, the contemporary Safari, and Apple docs recommend (currently) to continue using SPN if you were already using it, for the time being.
Let's hope that changes after this year's WWDC.
i can't believe sites can just do this now, this image makes me want to go feral
it's wild that the dark pattern of this notification message guides users to click Allow, when it ought to be doing the opposite
there is a reason safari has been disabled at every strict security company i've worked. it's got so many just wide open issues