Web-Environment-Integrity
Web-Environment-Integrity | standards-positions | |
---|---|---|
54 | 180 | |
536 | 598 | |
- | 1.0% | |
10.0 | 7.6 | |
6 months ago | 3 months ago | |
Python | ||
- | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Web-Environment-Integrity
-
Google apparently backs off on WEI
Repo has be archived - "NOTE: This proposal is no longer pursued."
https://github.com/RupertBenWiser/Web-Environment-Integrity
-
The boiling frog of digital freedom
[2] - https://github.com/RupertBenWiser/Web-Environment-Integrity/...
-
It's time we do a uno reverse to Web Integrity API
I think the best issue raised is: Why would I, as a user, want this?
https://github.com/RupertBenWiser/Web-Environment-Integrity/...
- Issues / Web-Environment-Integrity
-
EFF denounces Google's WEI proposal
There were proposals for protecting against this in the WEI explainer under "Open Questions" https://github.com/RupertBenWiser/Web-Environment-Integrity/...
-
Web Environment Integrity: Google strikes again
The Web Environment Integrity is yet another Google proposal for making the web worse for everyone but them.
-
Google’s Plan to DRM the Web Goes Against Everything Google Once Stood For
Point me to anything which would give websites access to that information via WEI. There is nothing. I have seen nothing except FUD. Aside from that, this only attests for the device. Ad-blockers can be external. This does nothing for external ad-blockers.
Explicit non-goals for WEI:
"Enforce or interfere with browser functionality, including plugins and extensions."
https://github.com/RupertBenWiser/Web-Environment-Integrity/...
-
With merge of this pull request, Brave Browser disables WebEnvironmentIntegrity
That also applies to Javascript, or being forced to use some form of an up-to-date browser. What is different with WEI?
I didn't see many people debating the actual text of the WEI explainer[0] on the HN posts about WEI, and that's probably because they were links to articles about WEI. The HN post for the explainer with the most upvotes only has 89[1], likely because most of HN treats the upvote as "I agree/like this" instead of "boost this topic for discussion".
0: https://github.com/RupertBenWiser/Web-Environment-Integrity/...
1: https://news.ycombinator.com/item?id=36785516
-
Adtech is built on a privacy fault line
> If you don't want my browser to render content as it sees fit, don't serve the content over a protocol where that dynamic is inherent.
to play the devil's advocate, this is why google proposed the WEI (https://github.com/RupertBenWiser/Web-Environment-Integrity/...). Be careful what you wish for...
-
The Right to Lie and Google’s “Web Environment Integrity”
https://github.com/RupertBenWiser/Web-Environment-Integrity/...
I stopped reading after the explainer’s intro section. The first example is making it easier for websites to sell adds (lmao) and the other 3 are extremely questionable whether if the proposed remedy even helps. And it’s presented as a benevolent alternative to browser fingerprinting, as if we must choose between these two awful choices. It’s an absolute joke of a proposal.
standards-positions
-
Firefox Webserial Addon
You can read through the conversations to understand more of the context
https://github.com/mozilla/standards-positions/issues/100#is...
https://github.com/mozilla/standards-positions/issues/95#iss...
https://github.com/mozilla/standards-positions/issues/336
The main struggle is around giving informed consent that explains the risks. Understandably, browsers don't want to ship a "Set my printer on fire" button.
-
iOS404
You can check why Mozilla and Apple have opted to not support this.
https://github.com/mozilla/standards-positions/issues/154
https://github.com/WebKit/standards-positions/issues/28
Neither Mozilla or Webkit are satisfied that the proposal is safe by default, and contains footguns for the user that can be pretty destructive.
-
Show HN: DualShock calibration in the browser using WebHID
FWIW Mozilla updated their position on Web Serial API to "neutral" and clarified that they might be okay with enabling the API with an add-on.
https://mozilla.github.io/standards-positions/#webserial
Allowing serial but not HID would be really strange. With HID you get standard identifiers that let you filter out devices that are too dangerous for the web. With serial you get nothing. Even if you know a device is dangerous, there's no way to protect users from it.
-
Tailwind CSS v4.0.0 Alpha
Hasn't FireFox been dragging their asses on @scope? https://github.com/mozilla/standards-positions/issues/472
It took years to just convince them of the need for it. And I'm not sure anyone got convinced vs Chrome had already shipped it and Safari has it planned so they caved in.
Hard to believe FireFox used to be a leader of the modern web.
-
An HTML Switch Control
As mentioned by others, OK idea, but not a fan that this isn't standardized. After a quick search+peruse, these seem to indicate that it's not around the corner either. Happy (/hope) to be corrected.
https://github.com/whatwg/html/issues/4180
https://github.com/mozilla/standards-positions/issues/990
-
Platform issues which disadvantage Firefox compared to first-party browsers
Mozilla's position on these specs is nicely outlined publicly and transparently as part of their standards-positions project: https://github.com/mozilla/standards-positions/issues/100
I'm kinda glad it's not implemented in my browser, to be honest, because the whole thing seems like a security nightmare.
It's a shame it impacts some hobby usecases, but I don't think this outweighs the reasoning set out on the GitHub issue.
-
What Progressive Web App (PWA) Can Do Today
This should have big warnings on it. Some of these are not web standards; they are features implemented unilaterally by Google in Blink that have been explicitly rejected by both Mozilla and Apple on privacy and security grounds.
Take Web Bluetooth, for example:
Mozilla:
> This model is unsustainable and presents a significant risk to users and their devices.
— https://mozilla.github.io/standards-positions/#web-bluetooth
Apple:
> Here are some examples of features we have decided to not yet implement due to fingerprinting, security, and other concerns, and where we do not yet see a path to resolving those concerns
— https://webkit.org/tracking-prevention/
This is Microsoft’s Embrace, Extend, and Extinguish bullshit applied to the web platform by Google. Google keeps implementing these things despite all other major rendering engines rejecting them, convinces people that they are part of the web, resulting in sites like this, then people start asking why Firefox and Safari are “missing functionality”. These are not part of the web platform, they are Google APIs that have been explicitly rejected.
-
Why Are Tech Reporters Sleeping on the Biggest App Store Story?
Is BLE a PWA requirement? I think they explained their position pretty well here, regardless of whether I agree:
https://github.com/mozilla/standards-positions/issues/95#iss...
-
Reason to Use Firefox Is Sync That Works
I took a glance at Can I Use what the difference between the last public release of Firefox and Chrome is [1] and they don't really have that big of a difference in the eyes of normal use-cases? Some of these aren't implemented purely because of privacy reasons, the proposals aren't finished yet or complexity [2].
Why would Firefox need to change to Chromium engine? The only websites I notice that don't work with Firefox is because of user-agent targetting or just putting 5-second time-outs in Youtube code on non-chrome webbrowsers [3].
Can you give some examples of websites not working on Firefox?
[1] https://caniuse.com/?compare=chrome+120%2Cfirefox+121&compar...
[2] https://mozilla.github.io/standards-positions/
[3] https://www.neowin.net/news/youtube-seemingly-intentionally-...
- Mozilla's Position on CSS Scope
What are some alternatives?
use-cases - Uses Cases for the Anti-Fraud CG
webcontainer-core - Dev environments. In your web app.
dillo-plus - A lightweight web browser based on Dillo but with many improvements, such as: support for http, https, gemini, gopher, epub, reader mode and more...
WHATWG HTML Standard - HTML Standard
SupplyChainAttacks
wpt - Test suites for Web platform specs — including WHATWG, W3C, and others
BrowserBoxPro - :cyclone: BrowserBox is Web application virtualization via zero trust remote browser isolation and secure document gateway technology. Embed secure unrestricted webviews on any device in a regular webpage. Multiplayer embeddable browsers, open source! [Moved to: https://github.com/BrowserBox/BrowserBox]
firefox-ios - Firefox for iOS
bikeshed - :bike: A preprocessor for anyone writing specifications that converts source files into actual specs.
WebKit - Home of the WebKit project, the browser engine used by Safari, Mail, App Store and many other applications on macOS, iOS and Linux.
encrypted-media - Encrypted Media Extensions
Fakeflix - Not the usual clone that you can find on the web.