

Draw on any webpage. Share your ideas - MarkUp - dchest
http://markup.io/

======
xtacy
I think there are security issues, as it "works" by copying the HTML of the
page and overlaying a canvas on top. So, for e.g., if you post a HN page, I
could copy the URL for upvoting, trick you into clicking it and get an upvote
automatically. The auth token in the upvote URL is supposed to prevent CSRF
attacks, so it's dangerous to give it away!

It's also a problem with websites that store temporary auth tokens on the
webpage, though I don't know any.

~~~
photon_off
As with all bookmarklets that include dynamic scripts, there's the security
issue of XSS as well, including cookie hijacking and form posting. It
completely a matter of trust that the bookmarklet you're running is safe, and
hasn't been modified to do anything bad.

~~~
xtacy
I completely agree with you. But then, I have to trust only the bookmarklet
provider not to do malicious stuff; here, even if I trust markup.io, I still
have to trust _others_ who are going to view my markup.

------
Batsu
Previous discussion (started by the developer):
<http://news.ycombinator.com/item?id=1768345>

------
Qz
The linked page seems to have trouble recognizing the arrow example. The
others I can be a bit sloppy, but that one I have to really slow down and
trace (or pretend trace since the guideline inexplicably disappears).

------
devinfoley
This is great! If you are looking for a business idea, I'd be willing to pay a
monthly subscription fee for a private version of this. As a developer, I'd
use it for reporting bugs in web apps that I develop (and I'd encourage biz
and product people within the organization to do the same).

~~~
josiahq
We're planning (tentatively) on adding accounts, private MarkUps, and a few
other features in the next version.

------
prawn
Yet to try it out, but really like the style you've chosen for your front
page. Only thing, and it might be intentional, is the variety of ways you're
presenting your mark. The mark is there in a circle, arrow-like shape, and
something more like a banner (in the footer). If it's to demonstrate the
shapes your system understands, that might need to be better explained.
Otherwise, I'd just pick one shape and run with it.

------
pbhjpbhj
It's a great idea, <http://markup.io/v/36h50c6fcaee>, but sadly didn't work on
the first page I tried (a blog alicious.com; <http://imgur.com/GYpKu.png>).

It needs an undo and an erase function IMO.

~~~
maxtilford
C-z

~~~
pbhjpbhj
Cool, also like the auto-tidy on the arrows.

------
earnubs
Wow, I love this.

<http://markup.io/v/d3tjg1xn1eqx>

~~~
mgkimsal
<http://markup.io/v/j0b9dta6v2cp>

------
forcer
Not an original idea but excellent execution and has potential to spread
virally! I have put it to my bookmarklet and time will see if I use it for
some tasks. At the moment I cannot think about any scenario that would be
useful but I am sure there are plenty.

------
jscore
Nice user engagement when u ask them to draw shapes, I was hooked right away.

~~~
jscore
my mono lisa, <http://markup.io/v/r7tj2gav5ds5>

------
mkilling
Would be very cool if you could make it work on the iPad as well!

~~~
josiahq
on its way!

------
lurchpop
love it. another one of those "damn, why didn't i make that" apps :D

