It'll be funny if SMIL works
(because Chrome tried to deprecate it)
-
-
Replying to @mrdoob @ppparshekar
Just remix my demo and keep us posted :-) I suspect it won’t work.
1 reply 0 retweets 1 like -
Replying to @tomayac @ppparshekar
Yeah. Me neither. They'd have had to add a rendering loop intentionally...
1 reply 0 retweets 0 likes -
Just tested. SMIL doesn't work in the favicon, and seems like Chrome no longer executes JS inside SVGs when embedded (no idea if it ever did). https://cdn.glitch.com/b26e78a7-b553-48df-b00e-05705641fa7d%2Ficon.svg …
2 replies 0 retweets 2 likes -
It would be a massive web security issue if images (incl. <img src=foo> but also favicons) would be able to run script
The HTML spec covers this here: “User agents must not run executable code (e.g. scripts) embedded in the image resource.” — https://html.spec.whatwg.org/multipage/images.html#images-processing-model …2 replies 0 retweets 4 likes -
I wonder why anyone thought global scope for SVG <script> was a good idea: “Any functions defined within any ‘script’ element have a "global" scope across the entire current document.”—https://svgwg.org/svg2-draft/interact.html#ScriptElement …
1 reply 0 retweets 2 likes -
I thought it was cool when I found a svg once that had a pong game inside. I also found once one that had a 3d cube being generated every frame.
1 reply 0 retweets 1 like -
Definitely cool!
If SVG <script> were scoped to the enclosing <svg> tags (rather than being global, as spec'ed now), could we then have scripts execute safely in an <img>?
<!-- Unreachable -->
<svg […]>
<script>/* Can't reach outside */</script>
</svg>
<!-- Unreachable -->1 reply 0 retweets 1 like -
Thinking about it more, probably one should prohibit all network-involving operations to avoid tracking (onhover etc.).
1 reply 0 retweets 0 likes -
What's wrong with favicons mining bitcoin?
1 reply 0 retweets 5 likes
The separation of concerns: that’s what Wasm is for!!1
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.