chore: cleanup whitespace in docs (#26356)

David Sanders 2020-11-05 14:12:43 -08:00 committed by GitHub
parent 3814a56d48
commit 43dbd1bdf8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
45 changed files with 129 additions and 72 deletions

@ -56,7 +56,6 @@ is your own code. Common web vulnerabilities, such as Cross-Site Scripting (XSS)
have a higher security impact on Electron applications hence it is highly recommended
to adopt secure software development best practices and perform security testing.
## Isolation For Untrusted Content
A security issue exists whenever you receive code from an untrusted source (e.g.
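
Review bot: The context sentence in this hunk, "have a higher security impact on Electron applications hence it is highly recommended to adopt secure software development best practices", is a run-on; a period or semicolon before "hence" would fix it. That is a wording change, so it fits a follow-up docs commit rather than this whitespace-only one.
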
@ -150,7 +149,6 @@ browserWindow.loadURL('https://example.com')
<link rel="stylesheet" href="https://example.com/style.css">
```
## 2) Do not enable Node.js Integration for Remote Content
_This recommendation is the default behavior in Electron since 5.0.0._
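
Review bot: The heading `## 2) Do not enable Node.js Integration for Remote Content` at the end of this hunk uses lowercase "not enable", while sibling headings touched by the same commit (`## 5) Do Not Disable WebSecurity`, `## 8) Do Not Enable Experimental Features`) use title case. Since this pass is already normalizing the document, consider aligning the casing here as well, or noting it for a separate change.
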
@ -225,7 +223,6 @@ window.readConfig = function () {
}
```
## 3) Enable Context Isolation for Remote Content
Context isolation is an Electron feature that allows developers to run code
@ -244,7 +241,6 @@ prevent the use of Node primitives, `contextIsolation` must also be used.
For more information on what `contextIsolation` is and how to enable it please
see our dedicated [Context Isolation](context-isolation.md) document.
## 4) Handle Session Permission Requests From Remote Content
You may have seen permission requests while using Chrome: They pop up whenever
@ -283,7 +279,6 @@ session
})
```
## 5) Do Not Disable WebSecurity
_Recommendation is Electron's default_
@ -302,6 +297,7 @@ Disabling `webSecurity` will disable the same-origin policy and set
the execution of insecure code from different domains.
### How?
```js
// Bad
const mainWindow = new BrowserWindow({
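
Review bot: The line added between `### How?` and the opening js fence is a hand-applied spacing fix (the hunk header goes from 6 lines to 7), and the same fix recurs under section 9, so it will drift again without enforcement. If the docs lint step does not already cover it, markdownlint's MD031 (blanks-around-fences) and MD012 (no-multiple-blanks) would catch both kinds of whitespace change made in this commit.
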
@ -324,7 +320,6 @@ const mainWindow = new BrowserWindow()
<webview src="page.html"></webview>
```
## 6) Define a Content Security Policy
A Content Security Policy (CSP) is an additional layer of protection against
@ -381,7 +376,6 @@ on a page directly in the markup using a `<meta>` tag:
<meta http-equiv="Content-Security-Policy" content="default-src 'none'">
```
## 7) Do Not Set `allowRunningInsecureContent` to `true`
_Recommendation is Electron's default_
@ -415,7 +409,6 @@ const mainWindow = new BrowserWindow({
const mainWindow = new BrowserWindow({})
```
## 8) Do Not Enable Experimental Features
_Recommendation is Electron's default_
@ -448,7 +441,6 @@ const mainWindow = new BrowserWindow({
const mainWindow = new BrowserWindow({})
```
## 9) Do Not Use `enableBlinkFeatures`
_Recommendation is Electron's default_
@ -466,6 +458,7 @@ ramifications are, and how it impacts the security of your application. Under
no circumstances should you enable features speculatively.
### How?
```js
// Bad
const mainWindow = new BrowserWindow({
@ -480,7 +473,6 @@ const mainWindow = new BrowserWindow({
const mainWindow = new BrowserWindow()
```
## 10) Do Not Use `allowpopups`
_Recommendation is Electron's default_
@ -508,7 +500,6 @@ you know it needs that feature.
<webview src="page.html"></webview>
```
## 11) Verify WebView Options Before Creation
A WebView created in a renderer process that does not have Node.js integration
@ -660,6 +651,7 @@ leveraged to execute arbitrary commands.
const { shell } = require('electron')
shell.openExternal(USER_CONTROLLED_DATA_HERE)
```
```js
// Good
const { shell } = require('electron')
@ -730,7 +722,6 @@ const mainWindow = new BrowserWindow({
> from Electron 10. For prior versions, you need to explicitly disable
> the `remote` module by the means above.
## 16) Filter the `remote` module
If you cannot disable the `remote` module, you should filter the globals,
@ -816,7 +807,6 @@ to fix issues before publishing them. Your application will be more secure if
it is running a recent version of Electron (and thus, Chromium and Node.js) for
which potential security issues are not as widely known.
[browser-window]: ../api/browser-window.md
[browser-view]: ../api/browser-view.md
[webview-tag]: ../api/webview-tag.md
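
Review bot: Confirm that a single blank line still separates the paragraph ending "which potential security issues are not as widely known." from the first link reference definition, `[browser-window]: ../api/browser-window.md`; the hunk header shows one line removed here (7 before, 6 after). In CommonMark a link reference definition cannot interrupt a paragraph, so if the remaining blank line were lost the definitions would render as paragraph text and the reference-style links that use them would stop resolving.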