Hey Praveen. Nice write up. Just a couple of things.
Setting content with innerHTML makes your implementation open to XSS attacks if you plan to add content that is not generated by you. This could be content coming from your users like usernames.
Having a screenshot of code (onNavigate) method makes it hard for readers to easily copy and paste the code provided. We like copy pasting a lot 😁
Lastly on the naming of the method onNavigate. This gives an impression that the code will be called once the navigation happens. I think something like navigate would have been more appropriate.
Thanks for your feedback. 🙂
For your first point, I just want to say that this article is just for demonstration purpose.
Else, I consider your other points and will consider them in my future articles.
May what can help is If you are aware there is a security risk in your implementation, you should mention it in the article just to let whoever is reading know about it. I raised it because it wasn't mentioned in the article.
Hey Praveen. Nice write up. Just a couple of things.
innerHTML
makes your implementation open to XSS attacks if you plan to add content that is not generated by you. This could be content coming from your users likeusernames
.onNavigate
) method makes it hard for readers to easily copy and paste the code provided. We like copy pasting a lot 😁onNavigate
. This gives an impression that the code will be called once the navigation happens. I think something likenavigate
would have been more appropriate.Hi Sadick,
Thanks for your feedback. 🙂
For your first point, I just want to say that this article is just for demonstration purpose.
Else, I consider your other points and will consider them in my future articles.
May what can help is If you are aware there is a security risk in your implementation, you should mention it in the article just to let whoever is reading know about it. I raised it because it wasn't mentioned in the article.
I'll edit this article as soon as possible.
Thanks, Sadick for your feedback. 🙂