diff --git a/content/posts/website-best-practices.gmi b/content/posts/website-best-practices.gmi index 91814dd..aede01a 100644 --- a/content/posts/website-best-practices.gmi +++ b/content/posts/website-best-practices.gmi @@ -69,7 +69,7 @@ style-src-attr 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'; -manifest-src https://seirdy.one/manifest.min.HASH.webmanifest; +manifest-src 'self'; upgrade-insecure-requests; sandbox allow-same-origin ``` @@ -1457,6 +1457,8 @@ A special thanks goes out to GothAlice for the questions she answered in #webdev => https://browserleaks.com/fonts BrowserLeaks font fingerprinting demo. Warning: the page might hog your CPU for a while. ⁷ HPACK and QPACK header compression includes dictionaries containing common headers. If a header matches one of these common values, its effective size can be reduced to a single byte. If a header has an uncommon value, consider minifying it by removing unnecessary whitespace. Remember that if your golden first kilobyte already lists all essential resources, these could be considered premature optimizations. Real bottlenecks lie elsewhere. +=> https://datatracker.ietf.org/doc/html/rfc7541#appendix-A RFC 7541: HPACK static table definition +=> https://quicwg.org/base-drafts/draft-ietf-quic-qpack.html#appendix-A QPACK: Header Compression for HTTP/3 ⁸ Practical Typography only renders invisible text without JavaScript. You can use a textual browser, screen reader, copy-paste the page contents elsewhere, use a reader-mode implementation, or "view source" to read it without enabling scripts. All of these options will ironically override the carefully-crafted typography of this website about typography. I find Practical Typography quite useful for printed works, and incorporated a more moderate version of its advice on soft-hyphens into this page. With a few such exceptions, I generally find it to be poor advice for Web content. 
diff --git a/content/posts/website-best-practices.md b/content/posts/website-best-practices.md index 820fc3d..11f4fd9 100644 --- a/content/posts/website-best-practices.md +++ b/content/posts/website-best-practices.md @@ -77,7 +77,7 @@ style-src-attr 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'; -manifest-src https://seirdy.one/manifest.min.HASH.webmanifest; +manifest-src 'self'; upgrade-insecure-requests; sandbox allow-same-origin ``` 
@@ -1412,7 +1412,9 @@ A special thanks goes out to GothAlice for the questions she answered in # [^4]: High-Performance Browser Networking by {{}} gives [a great introduction to how TCP works](https://hpbn.co/building-blocks-of-tcp/), if you'd like more details. -[^5]: HPACK and QPACK header compression includes dictionaries containing common headers. If a header matches one of these common values, its effective size can be reduced to a single byte. If a header has an uncommon value, consider minifying it by removing unnecessary whitespace. Remember that if your golden first kilobyte already lists all essential resources, these could be considered premature optimi­zations. Real bottlenecks lie elsewhere. +[^5]: HPACK and QPACK header compression includes dictionaries containing common header names, and some common header values; HPACK lists them in the table from Appendix A of {{}}. If a header name or name-value pair one of these predefined table entries, its effective size can be reduced to a single byte. If a header has a value that isn't covered by the table, consider minifying it by removing unnecessary whitespace. + + Remember that if your golden first kilobyte already lists all essential resources, these could be considered premature optimi­zations. Real bottlenecks lie elsewhere. [^6]: Ironically, that page doesn't load the main text without JavaScript despite citing a JavaScript requirement as a downside. If you can't load the page, the same reasons are [outlined here](https://addyosmani.com/blog/infinite-scroll-without-layout-shifts/) in the "Accessibility concerns for infinite scroll" section.
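Review bot: In the CSP hunks of both the .gmi and the .md file, replacing `manifest-src https://seirdy.one/manifest.min.HASH.webmanifest;` with `manifest-src 'self';` widens the allowlist from one exact URL to every path on the page's own origin, and nothing in the visible change explains the tradeoff. The new value presumably avoids keeping a per-build HASH in the header in sync with the asset name, which is a reasonable goal. Suggest adding a sentence next to the policy saying why 'self' is acceptable here, so readers who copy the example understand it is a deliberate loosening and not the tightest value available.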
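Review bot: In the .gmi footnote hunk, the two added links sit under footnote ⁷, but the footnote text itself is unchanged and still says "If a header matches one of these common values", while the .md version of the same footnote is rewritten in this patch to distinguish header names from name-value pairs. Suggest updating the .gmi wording in the same commit so the two formats do not diverge. The HPACK link goes to datatracker.ietf.org while the QPACK link goes to a working-group draft on quicwg.org; a datatracker link for QPACK would keep the pair consistent and give a more stable anchor.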
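Review bot: In the rewritten [^5] footnote of the .md file, the added sentence "If a header name or name-value pair one of these predefined table entries" is missing its verb; it should read "name-value pair matches one of these predefined table entries". The footnote also opens with "HPACK and QPACK" but then cites only HPACK's Appendix A table, whereas the .gmi hunk adds a QPACK link as well. Either add the QPACK reference here or state that the cited table is HPACK's only, so the two versions of the post make the same claim.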