2024-11-10 00:12:09 +00:00
7 changed files with 17 additions and 8 deletions
--- a/assets/css/main.css
+++ b/assets/css/main.css
@ -344,6 +344,17 @@ picture > img {
 	image-rendering: pixelated;
 }

+/* WCAG Technique C25: use borders to separate sections.
+ * Also use "content-visibility: auto" to improve performance by
+ * reducing the number of DOM nodes rendered at once. */
+aside nav,
+footer,
+section[role="doc-endnotes"],
+section[aria-labelledby="webmentions"] {
+	border-top: 1px solid;
+	content-visibility: auto;
+}
+
 /* Make search box and submit button as wide as possible while keeping
 * them next to each other. */

@ -351,7 +362,6 @@ picture > img {
 * single-row flexbox that supports more browsers. Kanged this CSS from
 * ww.gov.uk. Give the entire width of the row to the search box, but
 * allow the minimum width for the submit button. */
-legend, /* Makes the <legend> wrap text in some browsers. */
 form > div {
 	display: table;
 	width: 100%
--- a/content/privacy.gmi
+++ b/content/privacy.gmi
@ -81,6 +81,8 @@ By default, web browsers may share arbitrary information with a server through H

 By default, web browsers can share near-arbitrary identifying data with a server by executing near-arbitrary JavaScript, or store this information for future transmission. I have disabled this behavior with a "Content-Security-Policy" HTTP header that forbids script loading ("script-src: none"), script execution ("sandbox"), and making connections for any purpose other than downloading a page a user navigated to ("connect-src").

+By default, web browsers may "pre-fetch" DNS queries for links on a page, potentially leaking information to third parties without a user's consent; I have disabled this behavior with the "X-DNS-Prefetch-Control" header. This header is respected by Chromium, Firefox, and Chromium derivatives (e.g. Google Chrome, Microsoft Edge).
+
 By default, user agents using HTTPS may contact a certificate authority to check the revocation status of an TLS certificate. I have disabled and replaced this behavior by including an "OCSP Must-Staple" directive in the TLS certificates used by my Web servers.

 By default, user agents using HTTP or HTTPS may share a "referring" location with the destination website when following a link. I have disabled this by sending a "Referrer-Policy: no-referrer" header.
--- a/content/privacy.md
+++ b/content/privacy.md
@ -87,6 +87,8 @@ By default, web browsers may share arbitrary information with a server through H

 By default, web browsers can share near-arbitrary identifying data with a server by executing near-arbitrary JavaScript, or store this information for future transmission. I have disabled this behavior with a `Content-Security-Policy` HTTP header that forbids script loading (`script-src: none`), script execution (`sandbox`), and making connections for any purpose other than downloading a page a user navigated to (`connect-src`).

+By default, web browsers may "pre-fetch" DNS queries for links on a page, potentially leaking information to third parties without a user's consent; I have disabled this behavior with the <code>X-DNS-Prefetch-<wbr />Control</code> header. This header is respected by Chromium, Firefox, and Chromium derivatives (e.g. Google Chrome, Microsoft Edge).
+
 By default, user agents using HTTPS may contact a certificate authority to check the revocation status of an TLS certificate. I have disabled and replaced this behavior by including an "OCSP Must-Staple" directive in the TLS certificates used by my Web servers.

 By default, user agents using HTTP or HTTPS may share a "referring" location with the destination website when following a link. I have disabled this by sending a `Referrer-Policy: no-referrer` header.
--- a/layouts/partials/footer.html
+++ b/layouts/partials/footer.html
@ -1,4 +1,3 @@
-<hr />
 <footer>
 	<p>
 	Copyright <time itemprop="copyrightYear" datetime="{{now.Year}}">{{now.Year}}</time> {{ partial "indieweb-author.html" -}}
--- a/layouts/partials/prev-next.html
+++ b/layouts/partials/prev-next.html
@ -2,7 +2,6 @@
 {{- if eq .Page.Section "notes" -}}
 	{{- $name = "note" -}}
 {{- end -}}
-<hr />
 <aside aria-labelledby="continue-hd">
 	<nav aria-labelledby="continue-hd">
 		<h2 id="continue-hd">Continue reading</h2>
--- a/layouts/partials/processed-content.html
+++ b/layouts/partials/processed-content.html
@ -10,8 +10,7 @@
 -->
 {{- $referencesWithoutHeading    := `(<div class="footnotes" role="doc-endnotes">
 <hr />)` -}}
-{{- $referencesWithHeading := printf `<hr />
-<section role="doc-endnotes" aria-labelledby="note-hd">
+{{- $referencesWithHeading := printf `<section role="doc-endnotes" aria-labelledby="note-hd">
 <h2 id="note-hd">%s</h2>` ($footnote_heading) -}}

 {{- $endnotesClosingDiv := `</a></p>
--- a/layouts/partials/webmentions.html
+++ b/layouts/partials/webmentions.html
@ -1,9 +1,7 @@
-<hr />
 <section aria-labelledby="webmentions">
 		<h2 id="webmentions" tabindex="-1">Webmen&#173;tions</h2>
-		<p>This site supports <a href="https://indieweb.org/webmention">Webmentions</a>, a backlink-based alternative to traditional comment forms.</p>
+		<p>This site supports <a href="https://indieweb.org/webmention">Webmentions</a>. Webmentions received for this post will appear in the following list after I approve them. I sometimes send Webmentions to myself on behalf of linking sites that don't support them. Check the <a href="https://web.archive.org/">Wayback Machine</a> if any links are broken.</p>
 		{{ partial "webmention-form.html" . }}
-		<p>Webmentions received for this post will appear in the following list after I approve them. I sometimes send Webmentions to myself on behalf of linking sites that don't support them. Check the <a href="https://web.archive.org/">Wayback Machine</a> if any links are broken.</p>
 		<details>
 			<summary>Toggle Webmentions</summary>
 			<dl>