Hi @GeovaneB,
CSS inspector:
- Unexpected unknown type selector âp2â
p,p2{
font-size:16px;
font-family:bree serif;
}
- In your html file you have an
id=p2
, to use it you need a selector:
In an HTML document, the CSS ID selector matches an element based on the value of its id attribute. The selected elementâs ID attribute must match exactly the value given in the selector.
/* The element with id="demo" */
#demo {
border: red 2px solid;
}
MDN documentation:
ID selectors - CSS: Cascading Style Sheets | MDN
----
HTML inspector:
- The
<center>
element is obsolete and should not be used.
<center>
<h1>Koko</h1>
<h3>The Gorilla who "talks"</h3>
<figure>
MDN documentation:
<center>: The Centered Text element - HTML: HyperText Markup Language | MDN
Deprecated
This his feature has been removed from the Web standards. Though some browsers may still support it, it is in the process of being dropped.Do not use it in old or new projects. Pages or Web apps using it may break at any time.
----
- Do not use lower levels to decrease heading font size:
<h1>Koko</h1>
<h3>The Gorilla who "talks"</h3>
MDN documentation:
<h1>â<h6>: The HTML Section Heading elements - HTML: HyperText Markup Language | MDN
Do not use lower levels to decrease heading font size: use the CSS font-size property instead.Avoid skipping heading levels: always start from
<h1>
, next use<h2>
and so on.
h2âh6 elements must not be used to markup subheadings, subtitles, alternative titles and taglines unless intended to be the heading for a new section or subsection. Instead use the markup patterns in the §4.13 Common idioms without dedicated elements section of the specification.
Common Idioms
HTML Standard
----
- Target blank vulnerability
<a href="http://www.koko.org/" target="_blank">here</a>
MDN documentation:
<a>: The Anchor element - HTML: HyperText Markup Language | MDN
Note: When using target, consider adding rel=ânoopener noreferrerâ
to avoid exploitation of the window.opener API.
TL;DR If window.opener is set, a page can trigger a navigation in the opener regardless of security origin.
Target="_blank" - the most underestimated vulnerability ever
People using target=â_blankâ links usually have no idea about this curious fact:
The page weâre linking to gains partial access to the linking page via the window.opener object.
The newly opened tab can, say, change the window.opener.location to some phishing page. Or execute some JavaScript on the opener-page on your behalf⌠Users trust the page that is already opened, they wonât get suspicious.
How to fix
Add this to your outgoing links.
rel="noopener"
Update: FF does not support ânoopenerâ so add this.
rel="noopener noreferrer"
Remember, that every time you open a new window via window.open(); youâre also âvulnerableâ to this, so always reset the âopenerâ property
var newWnd = window.open();
newWnd.opener = null;
Cheers and happy coding