Skip to content

Instantly share code, notes, and snippets.

View yoavweiss's full-sized avatar

Yoav Weiss yoavweiss

391 followers · 1 following
View GitHub Profile
@yoavweiss
yoavweiss / notes.md
Created October 20, 2024 11:21
Autofill API meeting - October 17th 2024 - notes

Participants

Yoav Weiss

Rouslan Solomakhin (Google)

Darwin Yang (Google)

(Shopify)

@yoavweiss
yoavweiss / Address autofill - minutes.md
Last active September 30, 2024 12:57

WICG: Address Autofill

  • TPAC

Attendees: Westin, Martin Lechner, Yoav Weiss, Anne van Kesteren, Christian Indra, Rick Byers, Adam Rice, Michal Mocny, Dominic Batre

  • Yoav: Discuss Address Autofill
  • autofill is a key feature for login and web forms etc
@yoavweiss
yoavweiss / FedCM in practice - minutes.md
Last active September 25, 2024 20:45

Joel: Welcome! Gonna show a live use case for FedCM

Demo to bootstrap the conversation

Shop.app is the buyer-facing identity at Shopify

Reaching checkout when you’re not authenticated can be complicated

Buyers that reach checkout authenticated, they’re more likely to successfully complete checkout

@yoavweiss
yoavweiss / es_module_integrity_example.js
Last active August 1, 2024 10:03
ES module intergity example
<script type="importmap">
{
"imports": {
"square": "./module/shapes/square.js"
},
"integrity": {
"./module/shapes/square.js": "sha384-oqVuAfXRKap7fdgcCY5uykM6+R9GqQ8K/uxy9rx7HNQlGYl1kPzQho1wx4JwY8wC"
}
}
@yoavweiss
yoavweiss / noopener_allow_popups_s&p_questions.md
Created June 5, 2024 08:55
@yoavweiss
yoavweiss / noopener_allow_popups_explainer.md
Last active September 17, 2024 09:21

noopener-allow-popups Cross-Origin-Opener-Policy value

Some origins can contain different applications with different levels of security requirements. In those cases, it can be beneficial to prevent scripts running in one application from being able to open and script pages of another same-origin application. Such a document need to ensure its opener cannot script it, even if the opener document is a same-origin one.

The noopener-allow-popups Cross-Origin-Opener-Policy value severs the opener relationship between the document loaded with this policy and its opener. At the same time, the opened document can open further documents (as the "allow-popups" in the name suggests) and maintain its opener relationship with them, assuming that their COOP policy allows it.

@yoavweiss
yoavweiss / Remap_esc_key.sh
Created October 7, 2018 20:14
Remap § to Esc and Esc to F24
#!/bin/bash
hidutil property --set '{"UserKeyMapping":[{"HIDKeyboardModifierMappingSrc":0x700000064,"HIDKeyboardModifierMappingDst":0x700000029}, {"HIDKeyboardModifierMappingSrc":0x700000029,"HIDKeyboardModifierMappingDst":0x700000073}]}'
@yoavweiss
yoavweiss / preload_feature_detection.js
Last active July 24, 2020 19:31
Preload feature detection
var DOMTokenListSupports = function(tokenList, token) {
if (!tokenList || !tokenList.supports) {
return;
}
try {
return tokenList.supports(token);
} catch (e) {
if (e instanceof TypeError) {
console.log("The DOMTokenList doesn't have a supported tokens list");
} else {
@yoavweiss
yoavweiss / domtokenlist_feature_detection.js
Last active January 10, 2020 17:36
DOMTokenList supports() example
var DOMTokenListSupports = function(tokenList, token) {
if (!tokenList || !tokenList.supports) {
return;
}
try {
return tokenList.supports(token);
} catch (e) {
if (e instanceof TypeError) {
console.log("The DOMTokenList doesn't have a supported tokens list");
} else {
@yoavweiss
yoavweiss / gist:801c631032c8027fe8a0
Created December 7, 2015 21:03
<picture>
<source srcset="http://placehold.it/300.png">
<img src="http://placehold.it/100.png" id=bla>
</picture>
<script>
(function() {
var img = document.getElementById("bla");
img.parentNode.removeChild(img);
})();
</script>