in reply to: https://aaronparecki.com/2023/06/06/9/

Not all heroes wear capes.

 

in reply to: https://aaronparecki.com/2023/03/19/30/

Ahh that makes sense. I’ll update my sub.

 

in reply to: https://aaronparecki.com/2023/03/19/18/plane

I’m not sure if this is by design, but your photos don’t seem to come through in your RSS feed. Just a heads up.

 

in reply to: https://aaronparecki.com/2023/03/07/28/

Ahh, cool. Something like this seems to work as a bookmarklet:

javascript: ( () => { let u = window.location.href; window.location.href=`https://quill.p3k.io/new?reply=${u}`})();

Fun stuff! Thanks for building such great tools.

 

in reply to: https://aaronparecki.com/2023/03/06/24/

That’s awesome. I actually use Quill daily for posting and testing. I ended up finding omnibear which does most of what I want. It even detects if a site supports webmentions and displays a “W” during the reply. Omnibear definitely leaves a bit to be desired, but does the job. Is your Quill bookmarklet public?

 

in reply to: https://aaronparecki.com/2023/03/02/15/

You just blew my mind. So that basically defeats PKCE?

 

in reply to: https://aaronparecki.com/2023/03/02/14/

True, but it would be tricky.

Wouldn’t the attacker have find a way to extract the code_verifier from local storage and pass it along with the hijacked redirect?

They would have to somehow have the ability to write custom js code on the path they are redirecting to. I guess this is possible on sites that don’t sanitize user inputs.

 

in reply to: https://aaronparecki.com/2023/03/02/10/oauth

Could using PKCE fix this issue?

 

in reply to: https://geoffgraham.me/goodbye-css-tricks/

Sorry to hear about the layout Geoff. I have been laid off before from a company where I invested much of my energy writing technical blog posts for their blog. In my case, the company sold and the blog was eventually shut down. It’s brutal to watch your work disappear like that. Hopefully, DO keeps CSS-Tricks going forward. Best of luck!

 

in reply to: https://shkspr.mobi/blog/2023/02/never-use-a-url-shortening-service-even-if-you-own-it/

I love that you specify ”even if you own it”. Being a dev, I have implemented countless url shortening services and the like only to abandon them years (or even months) later.

No one wants to “own” this software long term. Especially, when it’s a utility-based service with no ROI.

I’m surprised anyone would use a shortening service in 2023. It seems like a relic of the old Twitter days with the sole purpose of providing a solution to the character limit.

 

in reply to: https://aaronparecki.com/2023/02/17/19/mfa

We encourage non-Twitter Blue subscribers to consider using an authentication app or security key method instead. These methods require you to have physical possession of the authentication method and are a great way to ensure your account is secure.

Does this mean that they are still supporting TOTP and others for non Twitter Blue subscribers?

If so, that’s still a weird choice (to ditch SMS and keep others) as those are much more technical methods of auth than SMS. I would imagine most of their user base would have no idea how to set up apps like Authy or Google Authenticator.

Such an odd move.

 

in reply to: https://starrwulfe.xyz/notes/2023/02/2023-02-16-cbsmk

Hey there! Thanks for the note. I have been through so many coffee brewing systems (including the French Press).

I keep coming back to the original Aeropress

It’s (relatively) inexpensive, portable, easy to use and very versatile. So I’d say it’s my #1 recommendation for a single-cup brewing system. Just Google “Aeropress recipes” and you will find such an interesting community around the various ways to brew coffee with it.

You can buy from their site, Amazon, or most local coffee shops.

Hope that helps!

 

in reply to: https://aaronparecki.com/2023/02/02/13/twitter

I feel like this applies to all “Sign in With” services (except indieauth of course ;)). I love the move to try and kill the password, however the state of these services is insane. I’m 1Pass for almost everything these days.

 

in reply to: https://rknight.me/adding-webmentions-to-your-site/

Looks awesome!

I did something similar on my site though it does not look nearly as beautiful as yours

I may have to steal some of your JS.

 

in reply to: https://brandontreb.com/2023/01/09/jvb8j09ckb94y8r6hbvxw7

Testing a reply from Quill

 

in reply to: https://www.manton.org/2023/01/01/did-not-finish.html

@manton I know you read a lot of fantasy. If you could recommend your top fantasy novel of 2022, what would it be?

 

in reply to: https://aaronparecki.com/2022/12/29/1/

Haha So cool! Happy birthday!

 

in reply to: https://www.manton.org/2022/12/29/read-this-post.html

It’s an interesting post for sure.

I LOVE taking my family to B&N. It’s so odd that going to a bookstore provides such a unique and interesting experience.

 

in reply to: https://www.manton.org/2022/12/28/working-a-little.html

Looks awesome. Are you using SwiftUI?

 

in reply to: https://aaronparecki.com/

Dude, I’m LOVING the balloons on the site. Reminds me of the MySpace/old web days.

 

in reply to: https://aaronparecki.com/2022/12/22/25/

I love it! I remember playing Starcraft using NetZero. We had to run a patch otherwise there was a hideous banner that was plastered along the top :)

BTW, your blog has been a huge source of inspiration. I have spent the last 6 months building an indie web-centric single-user blog engine (my site is currently running it). Your tools (Im currently posting on Quill) and documentation have been absolutely invaluable! So, thank you so much for all of the hard work you have done and continue to do. I look forward to contributing to this amazing community!

 

in reply to: https://brandontreb.com/2022/12/23/fpxjndh8tg6egqw1kc5xi

Testing replies…

 

in reply to: https://aaronparecki.com/2022/12/22/23/pocket

I feel the same way. I recently purchased an RG351v in hopes of playing the games that I loved as a kid. It lasted all of two days and now the device sits in my drawer :/