Conversation

Replying to

i grant you that + over comma is not a massive deal here. but also - `print` is not a statement, and it doesn't only output variables - "text" is not really a term, and "combine text and a variable" is basically mad libs - that's an operator, not a character

7

8

342

like. programming is very precise. you think i'm being picky? wait til you interact with a computer. there is no reason to be sloppy like this. and it's not this passage. it's on every page. i could make an endless thread. it all feels just churned out to make ad slots

6

11

447

like this is just straight up incorrect, AND there is virtually never any reason to use `del name` in the first place

11

4

257

this is, bizarrely, part of the introduction to classes, which is two very short pages that never explain why you might want a class or what it's for, don't explain what a method is and switch back and forth between method/function, and call attributes "properties" which is wrong

4

1

214

what in the absolute fuck is this? what is a beginner programmer supposed to make of this page?

13

17

400

did they have a page on arrays and someone told them that's kind of misleading because python's type is called a list, so they just... added some warnings that are incomprehensible if you don't already know C? this is the top-ranked beginner resource??

4

3

275

they have a page on iterators, including how to create your own class-based iterable, before they even mention SCOPE. and like everything else, it's a bulleted list of vaguely related topics, each given two sentences, no further context. this is a fucking trash fire

3

3

212

to answer a recurring question: No, it is not okay for web stuff. In fact w3schools is legendarily awful for web stuff. It may possibly be worse for web stuff than for anything else. The very first line of code in their JS tutorial is wrong

14

20

369

Replying to

Which line? Printing a date? Also interesting to see they’ve taken a side on whether HTML is a language or not.

1

Replying to

using .innerHTML with plain text

2

12

Replying to

and

Using innerHTML doesn't work at all if you enable strict Trusted Types since it's one of the XSS sink APIs. If anything they should have a section near the end covering dangerous and legacy APIs including that one and explain why not to use it and the safer alternatives.

4:12 AM · Mar 8, 2022Twitter Web App

Replying to

and

If only microsoftedge.github.io/edgevr/posts/e was part of what was taught to new developers, i.e. use the structured DOM APIs and avoid ever converting text to HTML except when interacting with legacy libraries or APIs, and only do that begrudgingly.

microsoftedge.github.io

Eliminating XSS from WebUI with Trusted Types

After the research on Site Isolation, it became clear that the most common problem with extensions is calling chrome.tabs.create with a URL received from a content script message. While such a bug...

2