Add implementation to make users aware of known vulnerabilities
Iterate through MDN (and other?), find any security/vulnerability/privacy... concerns and add appropriate implementation to make users aware of them. The only way I know now is to deprecate
the related items with a note that contains the link to the text that mentions the concern.
For example, there is a concern when using attribute target
of element <a>
. A Rust attribute's deprecated
is added like this (see in code):
Target {
_Self => "_self",
#[deprecated(note = "There is a Security_and_privacy_concerns when `target='_blank'`, please use `.target_blank_with_rel()`. See more at https://developer.mozilla.org/en-US/docs/Web/HTML/Element/a#Security_and_privacy_concerns")]
_Blank => "_blank",
_Parent => "_parent",
_Top => "_top",
}
Unfortunately, doing this also affect any element (<a>
, <area>
, <button>
, <form>
) that uses the enum Target
. Is this concern also affect these elements? I don't known yet. I decide to accept this big side effect(?). In the future, the restriction may be lifted from where the concerns are proved not affected.
If a deprecated
item has an alternative/better way of doing it, also implement it and mention it in the deprecated's note. For example, .target_blank_with_rel()
is suggested in the deprecated note above.