- cross-posted to:
- main@lemmy.ca
- theandrocollection@lemm.ee
- dach@feddit.de
- cross-posted to:
- main@lemmy.ca
- theandrocollection@lemm.ee
- dach@feddit.de
I might just be paranoid but is wefwef.app safe? Any of you guys use it?
I’m primarly curious how much of wefwef is proxied versus directly pulled from instance.
You must log in or register to comment.
Open source, so anyone can look through the code, or self host it even.
When you install wefwef on your phone, aren’t you essentially hosting it since it is a standalone application running on your phone?
As far as I understand even with the web app installed currently everything has to be proxied because CORS but that will hopefully change in the future. Reference: https://github.com/aeharding/wefwef/releases
When you install the wefwef app on your phone, it functions as a standalone application that runs on your device. However, it still relies on the wefwef.app for updates and maintenance. The developer who created the app manages this server to ensure that the app remains up to date and properly maintained.
Personally, I trust the author and use the wefwef.app instead of self-hosting it myself.
It‘s a progressive web app, which is a little different than a website; it’s built in HTML/JS like a website, but has no server. You can install it on your device and it talks directly to your Lemmy instance. In effect it’s no different from any other Lemmy app except for being built in web programming languages instead of Swift/Kotlin (app programming languages).
This is actually not true. Because of CORS issues (which block you from querying a domain’s resources while on another domain name on a browser), it proxies all of the requests using a backend server.
It is partially proxying due to cors
Although I suppose the source code does give a bit of assurance 😊
You can do more by making sure you aren’t reusing credentials.
Make it so at worse you lose an account and nothing more in a worst case scenario. I personally trust them
I trust wefwef.app - the developers have been working hard and advocating for permissive CORS to avoid to proxy all of the client’s requests.
- Fizz ( @Fizz@lemmy.nz ) English3•1 year ago
Yeah I’m using it right now. I trust it based on nothing but the vibe.
Nice 👍
I definitely was a bit concerned so I deployed my own instance, but not everyone can do that of course.