shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

270
active users

#polyfillio

0 posts0 participants0 posts today
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>Y'all remember <a href="https://mastodon.social/tags/PolyfillIO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PolyfillIO</span></a>?</p><p>I realize the lesson there is; don't depend on code from domains you don't control, and in an ideal world that's what you should do</p><p>But is there still a need there? Are there <a href="https://mastodon.social/tags/webPlatform" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webPlatform</span></a> features you'd like to use but you don't want to introduce a build process just to bundle the <a href="https://mastodon.social/tags/polyfill" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyfill</span></a> from <a href="https://mastodon.social/tags/NPM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NPM</span></a>?</p><p>Or is there no point in <a href="https://mastodon.social/tags/polyfills" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyfills</span></a> since <a href="https://mastodon.social/tags/browsers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>browsers</span></a> don't share caches between origins these days so there's no precaching benefit anymore?</p><p><a href="https://mastodon.social/tags/webDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webDev</span></a> <a href="https://mastodon.social/tags/javaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javaScript</span></a> <a href="https://mastodon.social/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>web</span></a></p>
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>So, I'm thinking; what if I build polyfill.io, but on the Blockchain! Hey come back..</p><p>Hear me out; <a href="https://mastodon.social/tags/fleekfunctions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fleekfunctions</span></a> are immutable, and transparent. So long as the <a href="https://mastodon.social/tags/fleeknetwork" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fleeknetwork</span></a> nodes can be trusted to execute the code properly (I presume there are cryptographic guarantees of output validity) then it could be safer from supply chain attacks.</p><p><a href="https://mastodon.social/tags/webDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webDev</span></a> <a href="https://mastodon.social/tags/polyfillio" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyfillio</span></a> <a href="https://mastodon.social/tags/polyfill" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyfill</span></a> <a href="https://mastodon.social/tags/supplyChain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>supplyChain</span></a> <a href="https://mastodon.social/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.social/tags/web3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>web3</span></a> <a href="https://mastodon.social/tags/blockchain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blockchain</span></a> <a href="https://mastodon.social/tags/fleek" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fleek</span></a> <a href="https://mastodon.social/tags/javaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javaScript</span></a></p>
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>&gt; <a href="https://mastodon.social/tags/China" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>China</span></a>-based company <a href="https://mastodon.social/tags/Funnull" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Funnull</span></a> acquired the domain and the GitHub account that hosted the <a href="https://mastodon.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JavaScript</span></a> code. On June 25, researchers from <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. The code was deliberately designed to mask the redirections by performing them only at certain times of the day and only against visitors who met specific criteria.</p><p><a href="https://arstechnica.com/security/2024/07/384000-sites-link-to-code-library-caught-performing-supply-chain-attack/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/security/2024/</span><span class="invisible">07/384000-sites-link-to-code-library-caught-performing-supply-chain-attack/</span></a></p><p><a href="https://mastodon.social/tags/polyfillio" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyfillio</span></a> <a href="https://mastodon.social/tags/supplyChain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>supplyChain</span></a></p>
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>&gt; The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator</p><p>&gt; Researchers discovered a public GitHub repository where the purported operators of Polyfill.io had accidentally exposed their Cloudflare secret keys.</p><p>LOL, FAIL!</p><p><a href="https://www.bleepingcomputer.com/news/security/polyfillio-bootcdn-bootcss-staticfile-attack-traced-to-1-operator/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/polyfillio-bootcdn-bootcss-staticfile-attack-traced-to-1-operator/</span></a></p><p><a href="https://mastodon.social/tags/polyfill" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyfill</span></a> <a href="https://mastodon.social/tags/polyfillio" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyfillio</span></a> <a href="https://mastodon.social/tags/cloudflare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudflare</span></a> <a href="https://mastodon.social/tags/bootcdn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bootcdn</span></a> <a href="https://mastodon.social/tags/bootcss" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bootcss</span></a> <a href="https://mastodon.social/tags/staticFile" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>staticFile</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>
Scripter :verified_flashing:<p>JavaScript-Service Polyfill.io: 100.000 Sites binden Schadcode über CDN ein | heise online<br><a href="https://heise.de/-9778256" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">heise.de/-9778256</span><span class="invisible"></span></a> <a href="https://social.tchncs.de/tags/ContentDeliveryNetwork" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ContentDeliveryNetwork</span></a> <a href="https://social.tchncs.de/tags/CDN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CDN</span></a> <a href="https://social.tchncs.de/tags/Polyfillio" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Polyfillio</span></a></p>
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>UBlock Origin is now blocking polyfill.io </p><p>Your regular reminder that AdBlockers are not just for hiding banner ads, they are also an indispensable tool for <a href="https://mastodon.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> and <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p><p><a href="https://github.com/uBlockOrigin/uAssets/commit/91dfc54aed0f0aa514c1a481c3e63ea16da94c03" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/uBlockOrigin/uAsset</span><span class="invisible">s/commit/91dfc54aed0f0aa514c1a481c3e63ea16da94c03</span></a></p><p>/cc <span class="h-card" translate="no"><a href="https://front-end.social/@AmeliaBR" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>AmeliaBR</span></a></span> </p><p><a href="https://mastodon.social/tags/polyfillio" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyfillio</span></a> <a href="https://mastodon.social/tags/ublock" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ublock</span></a> <a href="https://mastodon.social/tags/supplyChain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>supplyChain</span></a> <a href="https://mastodon.social/tags/polyfill" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyfill</span></a> <a href="https://mastodon.social/tags/uBlockOrigin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>uBlockOrigin</span></a> <a href="https://mastodon.social/tags/adBlocker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>adBlocker</span></a></p>
Amelia Bellamy-Royds<p>Re the <a href="https://front-end.social/tags/polyfillio" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyfillio</span></a> malware issue:</p><p>I've seen a lot of people telling web developers to update any sites that use the service. But we all know there are countless unmaintained websites out there for small business and orgs.</p><p>The other thing that should be done is clientside, to block access to the URL so your browser won't download the malware even if a website asks it to.</p><p>Anyone got a good guide for doing that, at the individual browser or OS level? (For those without institutional firewalls.)</p>