HackerTrans
トップ新着トレンドコメント過去質問紹介求人

simonmysun

no profile record

投稿

Nous Research edits GitHub issue to remove plagiarism claims about Hermes Agent

github.com
8 ポイント·投稿者 simonmysun·2 か月前·1 コメント

Tell HN: Immersive-translate plugin may expose you to XSS attacks

3 ポイント·投稿者 simonmysun·2 年前·5 コメント

コメント

simonmysun
·先月·議論
I read the article in the source code mode and thought it was intentional until I came back to the comments

P.S. your solution seems to have disabled the custom font instead of fixing it
simonmysun
·先月·議論
Hmm I cannot load the font on Firefox 151.0.3 Arch Linux. All I see is only a title and empty paragraphs. So I end up reading the article in the source code mode and felt pretty on-brand.

Back to HN comments it looks like this wasn't actually intentional?
simonmysun
·2 か月前·議論
[flagged]
simonmysun
·10 か月前·議論
Nice. Searching on Google I only got interactive maps requiring annoying registration.

A small tip: It's a bit complicated to hide a specific icon on the map. It would be better if users could uncheck them when exploring the map instead of having to find them on the left panel. Besides, an export / import functionality for what you stored in LocalStorage would also be helpful.

And there's some extra lessons from the Elden Ring map from Chinese communities: They allow users to contribute by leaving comments with coordinates. The comments are categorized into "tips", "lore", "roast", etc and can be liked or disliked, which can be filtered by the viewers. In the end it became a very useful map for all kind of players.
simonmysun
·2 年前·議論
I might have indicated it's DOMPurify's problem. Sorry I didn't mean that.

The browser add-on is unfortunately not open source and I don't want to spend a lot of time to investigate it. According an earlier issue (#1437), they should have fixed it already. I guess the later envolvements changed that.

I agree with you that what DOMPurify does should be cared of by the Browser.
simonmysun
·2 年前·議論
Yes. The issue is caused by the browser add-on. Before they get it fixed, I think it's better to notify HN users who use it.

They said in previous posts that they are using `DOMPurify` to sanitize the code, but it turns out that it did not work well.
simonmysun
·2 年前·議論
Screenshots to prove: https://imgur.com/a/vaKVo52