1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-23 12:52:10 +00:00
This commit is contained in:
Rohan Kumar 2022-06-06 16:51:12 -07:00
parent 51f69c5d61
commit f132e194ed
No known key found for this signature in database
GPG key ID: 1E892DB2A5F84479
3 changed files with 3 additions and 3 deletions

View file

@ -78,7 +78,7 @@ Another difference is that while declarative filtering does have reduced functio
With adblockers, you don't just trust extension developers; you also trust filter-list contributors. Many filter lists have thousands of entries aggregated from other filter lists, so trust-by-proxy ends up covering a lot of ground. This also applies to userstyle extensions: you have to trust the authors of each theme.
CSS injection is a powerful tool that can be used well or maliciously. Remember that it's contributors and extension developers could be well-meaning but still allow a vulnerability to slip through, especially when you account for extensions that alter a site's CSP.
CSS injection is a powerful tool that can be used well or maliciously. Remember that its contributors and extension developers could be well-meaning but still allow a vulnerability to slip through, especially when you account for extensions that alter a site's CSP.
I still use these privileged extensions, but I try to limit their scope to sites where they're necessary.

View file

@ -86,7 +86,7 @@ I'll update this section as I collect feedback. Watch this space.
<q>If we trust our extension developers, is any of this really necessary?</q>
: With adblockers, you don't just trust extension developers; you also trust filter-list contributors. Many filter lists have thousands of entries aggregated from other filter lists, so trust-by-proxy ends up covering a lot of ground. This also applies to userstyle extensions: you have to trust the authors of each theme.
CSS injection is a powerful tool that can be used well or maliciously. Remember that it's contributors and extension developers could be well-meaning but still allow a vulnerability to slip through, especially when you account for extensions that alter a site's CSP.
CSS injection is a powerful tool that can be used well or maliciously. Remember that its contributors and extension developers could be well-meaning but still allow a vulnerability to slip through, especially when you account for extensions that alter a site's CSP.
I still use these privileged extensions, but I try to limit their scope to sites where they're necessary.

View file

@ -1044,7 +1044,7 @@ Where long inline `<code>` elements can trigger horizontal scrolling, consider a
### Keeping text together
Soft hyphens are great for splitting up text, but some text should stay together. The phrase "10&nbsp;cm", for instance, would flow poorly if "10" and "cm" appeared on separate lines. Splitting text becomes especially painful on narrow viewports. A non-breaking space keeps the surrounding text from being re-flowed. Use the `&nbsp;` HTML entity instead of a space: `10&nbsp;cm`. {{<mention-work itemtype="Book">}}{{<cited-work name="Practical Typography" url="https://practicaltypography.com/">}} by {{<indieweb-person itemprop="author" first-name="Matthew" last-name="Butterick" url="https://mbtype.com/bio.html">}},[^17] a typographer{{</mention-work>}}, describes [where to use the non-breaking space](https://briefs.video/videos/is-progressive-enhancement-dead-yet/) in more detail.
Soft hyphens are great for splitting up text, but some text should stay together. The phrase "10&nbsp;cm", for instance, would flow poorly if "10" and "cm" appeared on separate lines. Splitting text becomes especially painful on narrow viewports. A non-breaking space keeps the surrounding text from being re-flowed. Use the `&nbsp;` HTML entity instead of a space: `10&nbsp;cm`. {{<mention-work itemtype="Book">}}{{<cited-work name="Practical Typography" url="https://practicaltypography.com/">}} by {{<indieweb-person itemprop="author" first-name="Matthew" last-name="Butterick" url="https://mbtype.com/bio.html">}}{{</mention-work>}}, describes [where to use the non-breaking space](https://briefs.video/videos/is-progressive-enhancement-dead-yet/) in more detail.
One exception to the rules from <cite>Practical Typography</cite>: don't use a non-breaking space if it would trigger two-dimensional scrolling on a narrow viewport. Between broken text and two-dimensional scrolling, broken text is the lesser evil. I personally set a cutoff at 2.5&nbsp;cm (1&nbsp;inch) at 125% zoom.