110My Gift to the Rustdoc TeamCompletely appalled to learn that docs.rs lets you inject any html/css/js you want into the live site (on pages documenting your crate). I love the flexibility but shudder at the security hole the size of, oh, I don’t know, the Grand Canyon.It’s not a new discovery, I just didn’t know docs.rs (intentionally) wasn’t blocking this. Cf https://docs.rs/pwnies/0.0.13/pwnies/Yea, it’s technically a bad idea but on the other hand there’s nothing there to steal.How have other doc providers handled multilingual code highlighting at scale?Also, seems clever to use custom elements to reduce `<span class="highlight-whatever">` to `<a-k>`.this looks like a truly amazing piece of work. props to the author for doing a very thorough job.Amos is horrifyingly productive!
Completely appalled to learn that docs.rs lets you inject any html/css/js you want into the live site (on pages documenting your crate). I love the flexibility but shudder at the security hole the size of, oh, I don’t know, the Grand Canyon.It’s not a new discovery, I just didn’t know docs.rs (intentionally) wasn’t blocking this. Cf https://docs.rs/pwnies/0.0.13/pwnies/Yea, it’s technically a bad idea but on the other hand there’s nothing there to steal.
How have other doc providers handled multilingual code highlighting at scale?Also, seems clever to use custom elements to reduce `<span class="highlight-whatever">` to `<a-k>`.
this looks like a truly amazing piece of work. props to the author for doing a very thorough job.Amos is horrifyingly productive!
Completely appalled to learn that docs.rs lets you inject any html/css/js you want into the live site (on pages documenting your crate). I love the flexibility but shudder at the security hole the size of, oh, I don’t know, the Grand Canyon.
It’s not a new discovery, I just didn’t know docs.rs (intentionally) wasn’t blocking this. Cf https://docs.rs/pwnies/0.0.13/pwnies/
Yea, it’s technically a bad idea but on the other hand there’s nothing there to steal.
How have other doc providers handled multilingual code highlighting at scale?
Also, seems clever to use custom elements to reduce `<span class="highlight-whatever">` to `<a-k>`.
this looks like a truly amazing piece of work. props to the author for doing a very thorough job.
Amos is horrifyingly productive!