mirror of
https://git.sr.ht/~seirdy/seirdy.one
synced 2024-11-27 14:12:09 +00:00
Compare commits
9 commits
5c70d4d836
...
8953723a2f
Author | SHA1 | Date | |
---|---|---|---|
|
8953723a2f | ||
|
f95e28ec98 | ||
|
64bc464aca | ||
|
783d6645aa | ||
|
99f7222fdd | ||
|
846a5f13f9 | ||
|
09e14bcfc2 | ||
|
1e781a3bf8 | ||
|
7f7e7be5a3 |
16 changed files with 51 additions and 13 deletions
2
Makefile
2
Makefile
|
@ -13,7 +13,7 @@ WWW_RSYNC_DEST = $(USER):$(WWW_ROOT)
|
||||||
GEMINI_RSYNC_DEST = $(USER):$(GEMINI_ROOT)
|
GEMINI_RSYNC_DEST = $(USER):$(GEMINI_ROOT)
|
||||||
|
|
||||||
OUTPUT_DIR = public
|
OUTPUT_DIR = public
|
||||||
RSYNCFLAGS += -rlcv --zc=zstd --zl=6 --skip-compress=gz/br/zst/png/webp/jpg/avif/jxl/mp4/mkv/webm/opus/mp3
|
RSYNCFLAGS += -rlpcv --zc=zstd --zl=6 --skip-compress=gz/br/zst/png/webp/jpg/avif/jxl/mp4/mkv/webm/opus/mp3
|
||||||
# compression gets slow for extreme levels like the old "70109"
|
# compression gets slow for extreme levels like the old "70109"
|
||||||
ECT_LEVEL=9
|
ECT_LEVEL=9
|
||||||
|
|
||||||
|
|
|
@ -11,9 +11,9 @@ CHROME_PATH = $(CHROME_DIR)/thorium
|
||||||
CHROMEDRIVER_PATH = $(CHROME_DIR)/chromedriver
|
CHROMEDRIVER_PATH = $(CHROME_DIR)/chromedriver
|
||||||
CHROME_PROFILE ?= /tmp/chrome-lighthouse
|
CHROME_PROFILE ?= /tmp/chrome-lighthouse
|
||||||
JS_FLAGS=''
|
JS_FLAGS=''
|
||||||
CHROME_FLAGS += --disable-extensions --no-default-browser-check --disable-client-side-phishing-detection --disable-component-update --disable-default-apps --disable-device-discovery-notifications --disable-domain-reliability --disable-background-timer-throttling --disable-breakpad --enable-blink-features=LayoutInstabilityAPI --no-first-run --disable-background-networking --user-data-dir=$(CHROME_PROFILE) --enable-quic --start-in-incognito --origin-to-force-quic-on=$(DOMAIN):443
|
CHROME_FLAGS += --headless --disable-extensions --no-default-browser-check --disable-client-side-phishing-detection --disable-component-update --disable-default-apps --disable-device-discovery-notifications --disable-domain-reliability --disable-background-timer-throttling --disable-breakpad --enable-blink-features=LayoutInstabilityAPI --no-first-run --disable-background-networking --user-data-dir=$(CHROME_PROFILE) --enable-quic --start-in-incognito --origin-to-force-quic-on=$(DOMAIN):443
|
||||||
CHROME_FLAGS_COMMA = 'disable-extensions,no-default-browser-check,disable-client-side-phishing-detection,disable-component-update,disable-default-apps,disable-device-discovery-notifications,disable-domain-reliability,disable-background-timer-throttling,disable-breakpad,no-first-run,disable-background-networking,js-flags=--jitless'
|
CHROME_FLAGS_COMMA = 'disable-extensions,no-default-browser-check,disable-client-side-phishing-detection,disable-component-update,disable-default-apps,disable-device-discovery-notifications,disable-domain-reliability,disable-background-timer-throttling,disable-breakpad,no-first-run,disable-background-networking,js-flags=--jitless'
|
||||||
CPU_SLOWDOWN=15.0
|
CPU_SLOWDOWN=12.0
|
||||||
LIGHTHOUSE_ARGS += --budget-path linter-configs/budget.json --output html --output json --output-file lighthouse-results --throttling-method=devtools --throttling.cpuSlowdownMultiplier=$(CPU_SLOWDOWN) --chrome-flags="$(CHROME_FLAGS)"
|
LIGHTHOUSE_ARGS += --budget-path linter-configs/budget.json --output html --output json --output-file lighthouse-results --throttling-method=devtools --throttling.cpuSlowdownMultiplier=$(CPU_SLOWDOWN) --chrome-flags="$(CHROME_FLAGS)"
|
||||||
|
|
||||||
hint-online:
|
hint-online:
|
||||||
|
|
|
@ -123,8 +123,6 @@ html {
|
||||||
/* Add padding on both sides so that focus outlines don't escape their
|
/* Add padding on both sides so that focus outlines don't escape their
|
||||||
* containers. This will let us enable CSS containment without
|
* containers. This will let us enable CSS containment without
|
||||||
* clipping overflowing elements. */
|
* clipping overflowing elements. */
|
||||||
margin-top: .25em;
|
|
||||||
margin-bottom: .25em;
|
|
||||||
padding: 0 .5em;
|
padding: 0 .5em;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -133,6 +131,23 @@ html {
|
||||||
padding-left: .25em
|
padding-left: .25em
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Breadcrumbs get a lot of padding, making the hr margin redundant
|
||||||
|
* Due to containment, the wide blurb at the top of non-article pages
|
||||||
|
* has a huge padding on the bottom. This actually works for archive
|
||||||
|
* pages but not for the main page. */
|
||||||
|
article > hr,
|
||||||
|
body > hr,
|
||||||
|
main > hr {
|
||||||
|
margin: 0 .5em;
|
||||||
|
}
|
||||||
|
header hr {
|
||||||
|
margin-bottom: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
h1 {
|
||||||
|
margin: 0 0 .25em;
|
||||||
|
}
|
||||||
|
|
||||||
/* Archive pages can get long. Allow them to get long without slowing
|
/* Archive pages can get long. Allow them to get long without slowing
|
||||||
* down the browser by using content-visibility. */
|
* down the browser by using content-visibility. */
|
||||||
dt,
|
dt,
|
||||||
|
@ -404,7 +419,6 @@ blockquote {
|
||||||
h1 {
|
h1 {
|
||||||
-webkit-hyphens: auto;
|
-webkit-hyphens: auto;
|
||||||
hyphens: auto;
|
hyphens: auto;
|
||||||
margin-top: .25em;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Very narrow screens: full hyphenation.
|
/* Very narrow screens: full hyphenation.
|
||||||
|
|
Binary file not shown.
Binary file not shown.
Before Width: | Height: | Size: 7 KiB After Width: | Height: | Size: 4.5 KiB |
Binary file not shown.
Before Width: | Height: | Size: 6.4 KiB |
Binary file not shown.
Binary file not shown.
Before Width: | Height: | Size: 6.8 KiB After Width: | Height: | Size: 4.4 KiB |
Binary file not shown.
Before Width: | Height: | Size: 6.3 KiB |
|
@ -157,7 +157,8 @@ disableKinds = ["taxonomy", "term"]
|
||||||
# than IncludeFields above, depending on what you want.
|
# than IncludeFields above, depending on what you want.
|
||||||
excludeFields = ".*"
|
excludeFields = ".*"
|
||||||
|
|
||||||
# don't minify html but minify other resources, esp the fulltext rss/atom feeds
|
# don't minify html but minify other resources
|
||||||
|
# Don't minify atom feeds because it messes up whitespace in entry contents.
|
||||||
[minify]
|
[minify]
|
||||||
minifyOutput = true
|
minifyOutput = true
|
||||||
disableXML = true
|
disableXML = true
|
||||||
|
|
18
content/notes/on-enforcing-https.md
Normal file
18
content/notes/on-enforcing-https.md
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
---
|
||||||
|
title: "On enforcing HTTPS"
|
||||||
|
date: 2022-08-03T21:31:09-07:00
|
||||||
|
replyURI: "https://1mb.club/blog/https-redirects/"
|
||||||
|
replyTitle: "Consider Disabling HTTPS Auto Redirects"
|
||||||
|
replyType: "BlogPosting"
|
||||||
|
replyAuthor: "Bradley Taunt"
|
||||||
|
replyAuthorURI: "https://tdarb.org/"
|
||||||
|
---
|
||||||
|
One thing this article misses is the fact that webpages are delivered over the Web to Web browsers.
|
||||||
|
|
||||||
|
The vast majority of browsers are application runtime environments. Serving pages to users' browsers creates a software distribution platform. Serving pages in cleartext is a way to give permission to users' ISPs, network administrators, and governments to serve _their_ malware instead, under _your_ name, whether or not your page includes any scripts of your own.
|
||||||
|
|
||||||
|
People can't always choose their networks, service providers, or governments. They aren't always equipped to deal with content injection and page alteration.
|
||||||
|
|
||||||
|
This isn't a "fear-based tactic". It's an acknowledgement of our reality: networks are hostile. There are no robust measures to stop an intermediary from altering unencrypted traffic, yet there are strong incentives for all able parties to do so. That makes malware injection a perfectly reasonable concern. Moreover: multiple ISPs, including Comcast and Vodafone, have been caught [injecting JavaScript apps into unencrypted pages](https://www.infoworld.com/article/2925839/code-injection-new-low-isps.html). [Governments are no stranger to content injection](https://www.eff.org/deeplinks/2015/04/china-uses-unencrypted-websites-to-hijack-browsers-in-github-attack) either.
|
||||||
|
|
||||||
|
If you want to serve in cleartext, pick a protocol that's _not_ part of an application delivery platform. Gopher is a popular option.
|
|
@ -94,7 +94,7 @@ These are large engines that pass all my standard tests and more.
|
||||||
- Yandex: originally a Russian search engine, it now has an English version. Some Russian results bleed into its English site. Like Bing, it allows submitting pages and sitemaps for crawling using the IndexNow API. Powers:
|
- Yandex: originally a Russian search engine, it now has an English version. Some Russian results bleed into its English site. Like Bing, it allows submitting pages and sitemaps for crawling using the IndexNow API. Powers:
|
||||||
|
|
||||||
- Epic Search (went paid-only as of June 2021)
|
- Epic Search (went paid-only as of June 2021)
|
||||||
- Occasionally powers DuckDuck­Go's link results instead of Bing <ins cite="https://energycommerce.house.gov/committee-activity/hearings/hearing-on-holding-big-tech-accountable-legislation-to-protect-online">(update: DuckDuckGo has "paused" its partnership with Yandex, confirmed in {{<mention-work itemtype="Event" itemprop="mentions" role="doc-credit">}}{{<cited-work name="Hearing on “Holding Big Tech Accountable: Legislation to Protect Online Users”" url="https://energycommerce.house.gov/committee-activity/hearings/hearing-on-holding-big-tech-accountable-legislation-to-protect-online" >}}{{</mention-work>}})</ins>
|
- Occasionally powers DuckDuck­Go's link results instead of Bing <ins cite="https://energycommerce.house.gov/committee-activity/hearings/hearing-on-holding-big-tech-accountable-legislation-to-protect-online">(update: DuckDuckGo has "paused" its partnership with Yandex, confirmed in <cite>[Hearing on “Holding Big Tech Accountable: Legislation to Protect Online Users”](https://energycommerce.house.gov/committee-activity/hearings/hearing-on-holding-big-tech-accountable-legislation-to-protect-online)</cite></ins>
|
||||||
- Petal, for Russian users only.
|
- Petal, for Russian users only.
|
||||||
|
|
||||||
- [Mojeek](https://www.mojeek.com/): Seems privacy-oriented with a large index containing billions of pages. Quality isn't at GBY's level, but it’s not bad either. If I had to use Mojeek as my default general search engine, I'd live. Partially powers [eTools.ch](https://www.etools.ch/). At this moment, _I think that Mojeek is the best alternative to GBY_ for general search.
|
- [Mojeek](https://www.mojeek.com/): Seems privacy-oriented with a large index containing billions of pages. Quality isn't at GBY's level, but it’s not bad either. If I had to use Mojeek as my default general search engine, I'd live. Partially powers [eTools.ch](https://www.etools.ch/). At this moment, _I think that Mojeek is the best alternative to GBY_ for general search.
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
<main>
|
<main>
|
||||||
<h1 id="h1" tabindex="-1">Seirdy’s Home</h1>
|
<h1 id="h1" tabindex="-1">Seirdy’s Home</h1>
|
||||||
<p itemprop="description">{{ .Site.Params.Description }}</p>
|
<p itemprop="description">{{ .Site.Params.Description }}</p>
|
||||||
|
<hr />
|
||||||
<div class="narrow">
|
<div class="narrow">
|
||||||
{{ partial "processed-content.html" . }}
|
{{ partial "processed-content.html" . }}
|
||||||
{{ partial "posts.html" . }}
|
{{ partial "posts.html" . }}
|
||||||
|
|
|
@ -4,8 +4,8 @@
|
||||||
{{- if not .Params.disableMeta -}}
|
{{- if not .Params.disableMeta -}}
|
||||||
{{- partial "post-meta.html" . -}}
|
{{- partial "post-meta.html" . -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
<hr />
|
|
||||||
</header>
|
</header>
|
||||||
|
<hr />
|
||||||
<div class="e-content entry-content" itemprop="articleBody">
|
<div class="e-content entry-content" itemprop="articleBody">
|
||||||
<meta itemprop="author" content="Rohan Kumar" />
|
<meta itemprop="author" content="Rohan Kumar" />
|
||||||
<!--That was needed bc some reading modes get confused by other authors referenced in the text-->
|
<!--That was needed bc some reading modes get confused by other authors referenced in the text-->
|
||||||
|
|
|
@ -27,7 +27,7 @@
|
||||||
{{- $title = $title | replaceRE `^@Seirdy@pleroma.envs.net(\n| )?` "" -}}
|
{{- $title = $title | replaceRE `^@Seirdy@pleroma.envs.net(\n| )?` "" -}}
|
||||||
{{- /* Mastodon webmentions may include the author in the title followed by a colon; this is redundant. */ -}}
|
{{- /* Mastodon webmentions may include the author in the title followed by a colon; this is redundant. */ -}}
|
||||||
{{- if and (isset $webmention "author_name") (findRE `@` $webmention.source) (not (findRE "^https://bridg.gy" $webmention.source)) -}}
|
{{- if and (isset $webmention "author_name") (findRE `@` $webmention.source) (not (findRE "^https://bridg.gy" $webmention.source)) -}}
|
||||||
{{ $title = $title | replaceRE `^[^:]{0,20}: ?` "" }}
|
{{ $title = $title | replaceRE `^[^:]{0,20}: ?` "" | replaceRE `^"@Seirdy@pleroma.envs.net ?` `"` }}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if and ($hasContent) (gt (countrunes $webmention.title) 128) -}}
|
{{- if and ($hasContent) (gt (countrunes $webmention.title) 128) -}}
|
||||||
|
|
|
@ -31,18 +31,22 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"resourceType": "document",
|
"resourceType": "document",
|
||||||
"budget": 60
|
"budget": 75
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"resourceType": "image",
|
"resourceType": "image",
|
||||||
"budget": 35
|
"budget": 50
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"resourceType": "stylesheet",
|
"resourceType": "stylesheet",
|
||||||
"budget": 1
|
"budget": 3
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"resourceCounts": [
|
"resourceCounts": [
|
||||||
|
{
|
||||||
|
"resourceType": "stylesheet",
|
||||||
|
"budget": 1
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"resourceType": "script",
|
"resourceType": "script",
|
||||||
"budget": 0
|
"budget": 0
|
||||||
|
|
Loading…
Reference in a new issue