It’s friday, how’s it going? It’s raining out by me and thundering a bit too - I’m just glad the sky’s not orange like the Canada wildfires made it last week. Completely unrelated, have you noticed our new homepage featuring our new progressive web app starters? Check those out, but then come back here to click on these links, okay?

• @herbst created this awesome 3D model of the Apple Vision Pro headset. It’s a good thing it comes pre-built, I still have a shoebox of Google Cardboard pieces laying around in my closet lol.
• If you like bricks (yes the kind used to build walls), you’ll love this digital brick wall made of bricks linking to images and videos and webpages about bricks. I want a Glitch app like this for literally every object that exists, pls.
• The Atlassian Developer blog wrote about cross-site scripting (XSS) that includes what it is and a demo to test out ways to prevent it. I guess I won’t waste my time entering a Window alert script into my next Jira ticket.
• @jennwrites published an interview with Summer Anne Burton on our blog, who used Chat-GPT and Glitch to build a mixtape generator app. I talked to the bot and it gave me a great list that included Mariah Carey performing Emotions for MTV Unplugged in 1992!

By the way, Mastodon is a member of our Fast Forward program and we’ve been helping them mitigate a bunch of DDOS attacks recently as they’ve scaled to welcome the influx new members. It’s super interesting stuff for anyone running their own instance, or really any community on the web, and we’re hosting a conversation with the folks involved and we invite you to join us - it’s free to sign up and, yes, there will be a recording if you can’t make it!

Your turn to talk! Let us know what you’re working on and what’s been catching your interests this week!

Links comments

very cool!

lol just look at this video they linked The Brick Wall “Hates Twitter” - Youtube

Cool finds

• This article by the Mozilla *Privacy Not Included team
• Framer AI — Generate and publish your site with AI in seconds.
• How Reddit set itself up for a fall - The Verge (related to the question of the minute below)
• I just discovered this glitch project that looks cool: ~activitypub

Question of the minute

What is your opinion on reddit blackout/API pricing changes?

Post it bellow.

if you discover this you just won a cookie

I’m curious, does fastly have anything special that helps mastodon as a federated system in general. It’d obviously be nice to have a sort of whitelist that always allows real mastodon servers to federate with each other.

Besides that, I also do wonder how mastodon works when one server drops out, are federated servers able to temporarily cache the inaccesible posts?

this week has been so hectic but I’m still gradually working on glitch stuff too

oh recently I was looking into getting modern xterm.js working with the glitch terminal endpoint

https://gossamer-fanatical-mice.glitch.me/edit.html

the current state of it, I’ll probably break that later. it needs your persistent token tho. you could try it with an anonymous user if you don’t want to use your own account.

the latest xterm works pretty well on mobile. would be nice to have some on-screen buttons for ctrl and alt etc like how termux does.

also when I was looking into what version of xterm.js glitch was using in its terminal, I found that it was an old version that had at least one major vulnerability https://twitter.com/_fel1x/status/1083085715565621250?lang=en, to the effect that a specially crafted string printed on the terminal would cause attacker-supplied input to be provided back as terminal input, i.e. being able to run commands at the shell or something. so this is everyone’s warning to be very careful about logging untrusted data when you’re using the glitch terminal. …or you can use my glitch command line tool snail term — Snail to connect to the project terminal and not have this problem!