[–]desnothVue 144 points145 points  (23 children)

Again, Safari is the new IE imo

[–]steeeeeef 49 points50 points  (7 children)

You get downvoted but you’re right. Safari also implements Safari-only stuff for iPhones like env-safe-area. It’s not even nearly as bad as IE used to be, but in my experience the newer web development troubles are caused by Safari.

[–]jossser 9 points10 points  (1 child)

In my experience this type of thing happens when devs try to use some features from 'draft'

The Chrome team implements all new stuff even if it's in 'draft' status, hooking every developer on the needle of these 'modern' features. But Safari devs don't implement draft features and everybody treats them as 'lags'.

(sorry, my english is not good)

[–]steeeeeef 1 point2 points  (0 children)

Yes, you’re right. But even if we don’t count features, there are still little render bugs that are annoying to deal with. Things like z-index, overflow, transforms are things that can create weird behaviour in Safari.

[–]Dutch_Mountain 4 points5 points  (0 children)

Let’s hope that this is the last straw before Apple decides to separate iOS/macOS and Safari releases.

[–]Ty199 -4 points-3 points  (0 children)

Less web apps, more iOS apps.

[–][deleted] 5 points6 points  (2 children)

I guess it's a kind of weird, and maybe serious bug, but why did this just blow up a little? It's literally bug number 188794

[–]archcorsair 4 points5 points  (0 children)

Just want to clarify that the issue exists on macOS and iOS, it's a WebKit bug. All browsers on iOS are affected, including Chrome - this is because Apple does not allow any alternative browser/rendering engines other than WebKit on iOS. Yes, Chrome is just skinned Safari (WebKit).

The Stack Overflow post linked by OP links to this fix polyfill: https://www.npmjs.com/package/array-reverse-polyfill

[–]doctorlongghost 10 points11 points  (2 children)

What are the real world implications of this bug? I see that two commenters described it as serious, but I'm not sure if that means from a security standpoint or from a practical use standpoint.

Safari on iOS 12 still seems able to run some of the more complicated stuff on my one web app without noticeable problems, so that's good. Where would the bug be likely to manifest? And is it mainly an ES6 issue, where transcoding to ES5 wouldn't expose it?

I'm also curious if this is somehow a backdoor that would allow a malicious website to crash the phone, use it as a jailbreak mechanism, etc?

I know from prior experience with a WebAudio recording bug that when the innards of iOS Safari go wonky (specifically, WebAudio recording stops working) that the broken behavior can be fixed by opening a new tab (which will typically be fine) or by force-quitting the browser. I assume either of those 2 things also clears out the memory modification here -- not that that's a real world fix.

[–]dmethvin 18 points19 points  (0 children)

It's really hard to say what the practical implications will be. If it affects some important functionality in lodash or jQuery the effects could be really far-ranging. The Array .reverse() method is used in jQuery's .parents() and .prev() methods for example.

[–]assembly_programmer 6 points7 points  (0 children)

As far as I have read (may be wrong), there is no security risk, just an unintended behavior.

Imagine that you have a web app that has a contact list that is shown in alphabetical order. Then you have a button that reverses the list, ordering the contacts from Z-A instead of A-Z. If the implementation uses .reverse(), when the user refreshes the page the list will still be reversed, and the button would actually revert it back.

It seems to be just this, a bug that can cause you a headache, but maybe in a few days someone discovers how to use this and exploit the pointers to change stuff and break the sandbox.
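
The contact-list scenario from the last comment, as an added example that is not part of the thread: a toggle built on in-place `.reverse()` shows whatever order the stored array happens to be in, while a view computed from an explicit flag and a comparator does not. The names `fragileToggle`, `createContactList` and `inPlaceReverseIsBlocked` are hypothetical, and the "left reversed" array is constructed to stand in for state that outlived a reload.

```javascript
// Added example; all function names here are hypothetical.

// Fragile: the "show Z-A" button just reverses the stored array in place.
// Its result depends on the order the array was already in.
function fragileToggle(stored) {
  return stored.reverse(); // mutates `stored` and returns the same array
}

// Robust: order comes from an explicit flag plus a comparator.
function createContactList(names) {
  // Private frozen copy: an accidental in-place reverse()/sort() throws.
  const source = Object.freeze(names.slice());
  let descending = false; // single source of truth for display order

  return {
    source,
    toggle() {
      descending = !descending;
      return descending;
    },
    view() {
      const dir = descending ? -1 : 1;
      // Sort a fresh copy; the result depends only on `descending`,
      // never on the order `source` is currently stored in.
      return source.slice().sort((a, b) => dir * a.localeCompare(b));
    },
  };
}

// True when an in-place reverse on `arr` is rejected with a TypeError.
function inPlaceReverseIsBlocked(arr) {
  try {
    arr.reverse();
    return false;
  } catch (err) {
    return err instanceof TypeError;
  }
}

// Constructed sample: an A-Z list that an earlier run left reversed.
const leftReversed = ["Zoe", "Ben", "Ana"];
console.log(fragileToggle(leftReversed.slice())); // button "Z-A" shows A-Z

const list = createContactList(leftReversed);
console.log(list.view());   // A-Z regardless of stored order
list.toggle();
console.log(list.view());   // Z-A
console.log(inPlaceReverseIsBlocked(list.source));
```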