My Gift to the Rustdoc Team (fasterthanli.me) 104 points by joshka 2 days ago 4 comments Copy Link View on Hacker News
Copy Link ComputerGuru 7 hours ago Next Collapse Comment - Completely appalled to learn that docs.rs lets you inject any html/css/js you want into the live site (on pages documenting your crate). I love the flexibility but shudder at the security hole the size of, oh, I don’t know, the Grand Canyon.It’s not a new discovery, I just didn’t know docs.rs (intentionally) wasn’t blocking this. Cf https://docs.rs/pwnies/0.0.13/pwnies/ Reply View | 0 replies
Copy Link wonger_ 20 hours ago Prev Next Collapse Comment - How have other doc providers handled multilingual code highlighting at scale?Also, seems clever to use custom elements to reduce `<span class="highlight-whatever">` to `<a-k>`. Reply View | 0 replies
Copy Link zem 20 hours ago Prev Collapse Comment - this looks like a truly amazing piece of work. props to the author for doing a very thorough job. Reply View | 1 reply Copy Link dcminter 9 hours ago Parent Collapse Comment - Amos is horrifyingly productive! Reply View | 0 replies
Copy Link dcminter 9 hours ago Parent Collapse Comment - Amos is horrifyingly productive! Reply View | 0 replies
Completely appalled to learn that docs.rs lets you inject any html/css/js you want into the live site (on pages documenting your crate). I love the flexibility but shudder at the security hole the size of, oh, I don’t know, the Grand Canyon.
It’s not a new discovery, I just didn’t know docs.rs (intentionally) wasn’t blocking this. Cf https://docs.rs/pwnies/0.0.13/pwnies/