A URL fragment is the part after #. The HTTP specification prohibits browsers from sending fragments to servers. The server that delivers the page never receives the content, never knows which site you are viewing, and has no way to find out. No content is collected, stored, or logged. The privacy is structural.
A site that was never put on a server can never be taken off one. There is no account to suspend, no host to pressure, no platform that can decide your content should not exist. Each copy of the link is a complete copy of the site data.
Site creators can encrypt the URL itself with a password. Even possessing the link reveals nothing about what is inside.
If I understand correctly, when a nowhere URL is pasted in a browser, what happens is:
1. the browser downloads generic JS libraries from the main site
2. these libraries then decode the fragment part, and transform it into the UI
If that's correct, someone still has to host or otherwise distribute the libraries - hence why you need the app to use it while offline (it ships the libraries).
This is not criticism, I'm just trying to get my head around how it works.
Interesting thought to explore but overblown claims.
For the privacy claims to hold, a fundamental conceit is that you trust and use the nowhere app / domain. The source is open, so let’s imagine that you individually can be satisfied.
Now, the idea that entire apps can be shared via a link in a Signal chat or a QR code on a flier is a fascinating bit of compression and potential for archiving.
Imagine games shared on paper QR codes at a meetup.
Oh but here’s the rub, do you trust the arbitrary code you just scanned off of a QR code? TLS has become a proxy for trusted authorship. “Well if it’s really coming my bank then it’s probably safe”
This resembles some serverless pastebins. Data is serialized into the fragment part, and client-side JS deserializes them. The only practical difference is that this app sets them as HTML while those set them as text.
I did a showhn with similar idea(got a whooping 1 point and was flagged as spam which was later removed by mods), you paste your html and it encodes it into url, you can share the url without server involvement. I even added a url shortener because while technically feasible encoded url becomes long and QR code no longer works reliably. I also added annotation so you can add your comments and pass it to colleagues.
34 comments
[ 2.5 ms ] story [ 61.4 ms ] threadA URL fragment is the part after #. The HTTP specification prohibits browsers from sending fragments to servers. The server that delivers the page never receives the content, never knows which site you are viewing, and has no way to find out. No content is collected, stored, or logged. The privacy is structural.
A site that was never put on a server can never be taken off one. There is no account to suspend, no host to pressure, no platform that can decide your content should not exist. Each copy of the link is a complete copy of the site data.
Site creators can encrypt the URL itself with a password. Even possessing the link reveals nothing about what is inside.
https://github.com/5t34k/nowhere
Let me tell you about a thing called JavaScript.
> A site that was never put on a server can never be taken off one.
If you post a link on HN and the content is embedded in the link itself then HN is the de facto server.
1. the browser downloads generic JS libraries from the main site
2. these libraries then decode the fragment part, and transform it into the UI
If that's correct, someone still has to host or otherwise distribute the libraries - hence why you need the app to use it while offline (it ships the libraries).
This is not criticism, I'm just trying to get my head around how it works.
You still have to share the link somewhere, why not just share a block of text (invitation, campaign, whatever) directly instead?
> present everywhere
> Still here when the internet isn't
I'm afraid the OP may not have full understanding of how internet works. This is either some kind of a post irony, or some vibe code fever dream.
Either way, I'm deeply confused.
this works as a "url" in both chrome and safari:
But would this mean encoding the entire dist folder after build step?
> Private through physics. Not through policy.
Goodness, LLM really convinced itself this was groundbreaking.
You could describe a .html file sitting on your computer with all of the same marketing bluster.
Someone has to send it to you all the same, and you might as well not rely on some random internet service to render it??
https://tinyurl.com/mrpas5dc
https://github.com/kelseyhightower/nocode
So, its just like sending your sites link through email/whatsapp or any other channel. I don't know what the real usecase for this idea could be!!!!
Now, the idea that entire apps can be shared via a link in a Signal chat or a QR code on a flier is a fascinating bit of compression and potential for archiving.
Imagine games shared on paper QR codes at a meetup.
Oh but here’s the rub, do you trust the arbitrary code you just scanned off of a QR code? TLS has become a proxy for trusted authorship. “Well if it’s really coming my bank then it’s probably safe”
Posted to HN in 2023
https://news.ycombinator.com/item?id=37408150
https://easyanalytica.com/tools/html-playground/
2. The share svg icons look very broken.