blog-indexeddb-safari-leaks-demo
WebKit
Our great sponsors
blog-indexeddb-safari-leaks-demo | WebKit | |
---|---|---|
23 | 151 | |
101 | 7,438 | |
0.0% | 2.8% | |
0.0 | 10.0 | |
over 1 year ago | 5 days ago | |
JavaScript | ||
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
blog-indexeddb-safari-leaks-demo
-
Why Browsers Are Essential to the Internet and How OS Are Holding Them Back
One benefit that immediately comes to mind is the ability to protect yourself against a major security flaw in Safari:
https://safarileaks.com/
Apple did issue a fix after a few weeks but with no alternative browser engines the only alternative was “don’t use the web on your iPhone”, which is absurd.
Other user benefits might include better performance, more capabilities (it took Apple years to implement WebRTC, for example) and in general more competition that might spur Safari into becoming a better browser.
-
Google says Chrome 99 is the fastest web browser available on Mac
Assuming it's not straight up broken once again, like when localStorage was bugged and browser data would get lost last year or when indexedDb was broken und would leak data.
-
will my isp send an angry letter to my parents since I frequently download roms without a vpn?
see: https://safarileaks.com/
-
Update for Security?
I researched the Safari vulnerability, and yes, this appears to only affect iOS 15 devices. The message on https://safarileaks.com/ states "Your browser is not affected. Please open this demo in..... any any browser on iOS and iPadOS 15." Good to know!
-
Is Apple still supporting Safari? Serious question
Are you talking about this? Apple fixed it about a week ago with the release of macOS 12.2.
- Dozens of U.S. states say Apple stifles competition, back ‘Fortnite' maker
-
Can’t Edit Shared Numbers Document
In the past, there were a few (though rare) cases where Apple has even patched unsupported versions. It probably depends on how easy it is for them. But for the most recent problems, like this and that, there are no fixes beyond Catalina.
-
Epic gets 35 attorneys general to support its Apple App Store appeal — “Apple’s conduct has harmed and is harming mobile app developers”
Safari is a dumpster fire right now.
-
macOS Monterey 12.2 Update is now Available! What's New?
safarileaks.com security vulnerability fixed in Safari 15.3
-
No title or search on Safari tabs, when layout is separate
The IndexedDB issues. Fixing things takes times, but it's crazy that's its taken 2 months even for a response
WebKit
-
GPU Compute in the Browser at the Speed of Native: WebGPU Marching Cubes
Multiple engineers are working on adding it back: https://github.com/WebKit/WebKit/pulls?q=is%3Apr+is%3Aclosed...
-
HTML Streaming and DOM Diffing Algorithm
Since 2023 Chrome announced the View Transition API, and it looks like Safari is also going to support it soon.
-
Towards memory safety with ownership checks for C
One heap per type.
Here’s an allocator optimized for that use case.
https://github.com/WebKit/WebKit/blob/main/Source/bmalloc/li...
-
Bun, JavaScript, and TCO
To use this in Bun, you’d have to start Bun with the environment variable “BUN_JSC_useDollarVM=1” and then $vm.createBuiltin(mySourceCodeString)
When using this intrinsic, if any of the arguments are incorrect or it cannot otherwise enable it, the entire process will probably crash. In debug builds of JSC it will have a nicer assertion failure but that is not enabled in release builds
Example code: https://github.com/WebKit/WebKit/blob/17351231b4dedb62d81721...
also happy to answer any questions about Bun
-
Show HN: Rem: Remember Everything (open source)
Ah, good, let me introduce you to the wonderful world of the Chrome Devtools Protocol! (fka Chrome Remote Debugging Protocol)
I love this API for almost everything browser related. I built my RBI product atop this (BrowserBox: https://dosyago.com), and I think it's a drastically underrated API.
Also, it works out of the box in Edge, Brave, Chromium, and many parts of CRDP are supported by Firefox and Safari^1
1: See for example: https://github.com/WebKit/webkit/tree/main/Source/JavaScript...
- WebGPU now available for testing in Safari Technology Preview
-
Disabling iOS Personalized Ads tells kernel to kill daemon every 3 seconds
No, it's unrelated.
https://github.com/WebKit/WebKit/commit/064df1a9f395f8c6e32c...
- Apple's Safari browser is still vulnerable to Spectre attacks
-
Replacing WebRTC: real-time latency with WebTransport and WebCodecs
It's being worked on now: https://github.com/WebKit/WebKit/pull/17320
-
iLeakage: Browser-Based Timerless Speculative Execution Attacks on Apple Devices
It is different. The cross-site navigation flag is a couple of years old. It was enabled by default for iOS in November 2018 for example https://github.com/WebKit/WebKit/commit/e191fc8c412850cb9fd0...
What are some alternatives?
Squid - Squid Web Proxy Cache
chromium - The official GitHub mirror of the Chromium source
localForage - 💾 Offline storage, improved. Wraps IndexedDB, WebSQL, or localStorage using a simple but powerful API.
otter-browser - Otter Browser aims to recreate the best aspects of the classic Opera (12.x) UI using Qt5
caniuse - Raw browser/feature support data from caniuse.com
cname-trackers - This repository contains a list of popular CNAME trackers
blog-indexeddb-safari-leaks
fingerprintjs - Browser fingerprinting library. Accuracy of this version is 40-60%, accuracy of the commercial Fingerprint Identification is 99.5%. V4 of this library is BSL licensed.
SyncPaint - A web app for synchronized group drawing. Draw together with other people in real time.
gecko-dev - Read-only Git mirror of the Mercurial gecko repositories at https://hg.mozilla.org. How to contribute: https://firefox-source-docs.mozilla.org/contributing/contribution_quickref.html
blog-nojs-fingerprint-demo - A demo for the no-JavaScript fingerprinting article
uBlock-Safari - uBlock Origin - An efficient blocker for Chromium, Firefox, and Safari. Fast and lean.