1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-23 12:52:10 +00:00

Compare commits

...

3 commits

Author SHA1 Message Date
Rohan Kumar
f060fcf13d
Meta:: describe 0-RTT adoption 2023-12-08 16:09:12 -08:00
Rohan Kumar
a870c2556a
Fix tab-reachability of preformatted blocks 2023-12-08 16:08:58 -08:00
Rohan Kumar
2badbe2601
Use cache-busting partial instead of Fingerprint
This gives files much smaller fingerprints, and supports caching.
2023-12-08 16:08:40 -08:00
12 changed files with 45 additions and 38 deletions

View file

@ -189,5 +189,5 @@ lint-and-deploy-staging:
deploy-envs: deploy-envs:
@$(MAKE) HUGO_FLAGS='--gc --ignoreCache' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs xhtmlize @$(MAKE) HUGO_FLAGS='--gc --ignoreCache' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs xhtmlize
@$(MAKE) HUGO_FLAGS='--gc --ignoreCache' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs copy-to-xhtml @$(MAKE) HUGO_FLAGS='--gc --ignoreCache' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs copy-to-xhtml
@$(MAKE) HUGO_FLAGS='' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs html-validate validate-html validate-json validate-feeds @$(MAKE) HUGO_FLAGS='' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs validate-html validate-json validate-feeds
@$(MAKE) SSHFLAGS='-o KexAlgorithms=curve25519-sha256@libssh.org' HUGO_FLAGS='' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs deploy @$(MAKE) SSHFLAGS='-o KexAlgorithms=curve25519-sha256@libssh.org' HUGO_FLAGS='' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs deploy

View file

@ -1,8 +1,8 @@
{{- $192png := resources.Get "/favicon192.png" | resources.Fingerprint "md5" }} {{- $192png := partialCached "cache-bust.html" "/favicon192.png" "favicon192.png" }}
{{- $512png := resources.Get "/favicon512.png" | resources.Fingerprint "md5" }} {{- $512png := partialCached "cache-bust.html" "/favicon512.png" "favicon512.png" }}
{{- $1024svg := resources.Get "/favicon.svg" | resources.Fingerprint "md5" }} {{- $1024svg := partialCached "cache-bust.html" "/favicon.svg" "/favicon.svg" }}
{{- $maskablesvg := resources.Get "/maskable_android.svg" | resources.Fingerprint "md5" -}} {{- $maskablesvg := partial "cache-bust.html" "/maskable_android.svg" }}
{{- $monochromesvg := resources.Get "/monochrome.svg" | resources.Fingerprint "md5" -}} {{- $monochromesvg := partial "cache-bust.html" "/monochrome.svg" }}
{ {
"name": "{{site.Title}}", "name": "{{site.Title}}",
"short_name": "Seirdy", "short_name": "Seirdy",

View file

@ -82,7 +82,9 @@ Awards and badges
<figcaption itemprop="caption"> <figcaption itemprop="caption">
[Internet.nl](https://internet.nl/) offers an automated website security check. Relevant buzzwords include IPv6, DNSSEC, TLS, HTTP security headers, and RPKI. [See a report for seirdy.one](https://internet.nl/site/seirdy.one/1745918/). [Internet.nl](https://internet.nl/) offers an automated website security check. Relevant buzzwords include IPv6, DNSSEC, TLS, HTTP security headers, and RPKI. [See a report for seirdy.one](https://internet.nl/site/seirdy.one/2510940/).
Internet.nl penalizes the use of [0-RTT](https://blog.cloudflare.com/introducing-0-rtt/) because it opens sites up to replay attacks. Since passing the test, I moved all non-idempotent content to other subdomains. Save for some fancy Nginx redirects, everything on the `seirdy.one` domain is static public content. This property made it safe to enable 0-RTT without being at risk of replay attacks. As of right now, I don't pass the test, but I consider the 0-RTT failure to be a false positive.
</figcaption> </figcaption>

View file

@ -17,7 +17,7 @@
<meta name="robots" content="noindex,nofollow,nosnippet" /> <meta name="robots" content="noindex,nofollow,nosnippet" />
<title>{{ .Title }}</title> <title>{{ .Title }}</title>
{{ if not (in site.BaseURL ".onion") -}} {{ if not (in site.BaseURL ".onion") -}}
{{ $icon_svg := resources.Get "/favicon.svg" | resources.Fingerprint "md5" }} {{ $icon_svg := partialCached "cache-bust.html" "/favicon.svg" "/favicon.svg" }}
{{- printf `<link rel="icon" sizes="any" href="%s" type="image/svg+xml" />` $icon_svg.RelPermalink | safeHTML }} {{- printf `<link rel="icon" sizes="any" href="%s" type="image/svg+xml" />` $icon_svg.RelPermalink | safeHTML }}
{{- end }} {{- end }}
{{ $icon_192 := resources.Get "/favicon192.png" | resources.Fingerprint "md5" }} {{ $icon_192 := resources.Get "/favicon192.png" | resources.Fingerprint "md5" }}

View file

@ -9,9 +9,9 @@
{{- if eq .Section "notes" -}} {{- if eq .Section "notes" -}}
{{- $period = "hourly" -}} {{- $period = "hourly" -}}
{{- end -}} {{- end -}}
{{- $faviconSvg := resources.Get "/favicon.svg" | resources.Fingerprint "md5" -}} {{- $faviconSvg := partialCached "cache-bust.html" "/favicon.svg" "/favicon.svg" -}}
{{- $image := resources.Get "/favicon192.png" | resources.Fingerprint "md5" -}} {{- $image := partialCached "cache-bust.html" "/favicon192.png" "/favicon192.png" -}}
{{- $atomLogo := resources.Get "/atom.svg" | resources.Fingerprint "md5" -}} {{- $atomLogo := partial "cache-bust.html" "/atom.svg" -}}
{{- /*rejected http://backend.userland.com/creativeCommonsRssModule, as it's completely redundant with <rights> and rel-license. */ -}} {{- /*rejected http://backend.userland.com/creativeCommonsRssModule, as it's completely redundant with <rights> and rel-license. */ -}}
<?xml version="1.0" encoding="utf-8" standalone="yes"?> <?xml version="1.0" encoding="utf-8" standalone="yes"?>
<feed <feed
@ -93,7 +93,7 @@
<activity:object-type>http://activitystrea.ms/schema/1.0/{{ $type }}</activity:object-type> <activity:object-type>http://activitystrea.ms/schema/1.0/{{ $type }}</activity:object-type>
<activity:verb>http://activitystrea.ms/schema/1.0/post</activity:verb> <activity:verb>http://activitystrea.ms/schema/1.0/post</activity:verb>
{{- with .Params.image -}} {{- with .Params.image -}}
{{- $image = resources.Get (printf "/p/%s" . ) | resources.Fingerprint "md5" -}} {{- $image := partial "cache-bust.html" (printf "/p/%s" . ) -}}
{{- end -}} {{- end -}}
<media:thumbnail url="{{ $image.Permalink }}" width="{{ $image.Width }}" height="{{ $image.Height }}" /> <media:thumbnail url="{{ $image.Permalink }}" width="{{ $image.Width }}" height="{{ $image.Height }}" />
{{ with .Description -}} {{ with .Description -}}

View file

@ -0,0 +1,5 @@
{{ $resource := resources.Get . -}}
{{- $target_path_formatStr := (replaceRE `(\.[^\.]*)$` ".%d$1" .) -}}
{{- $cacheBuster := $resource.Content | crypto.FNV32a -}}
{{- $target_path := printf $target_path_formatStr $cacheBuster -}}
{{- return resources.Copy $target_path $resource -}}

View file

@ -55,10 +55,10 @@
{{- end -}} {{- end -}}
<!--the Tor Browser's safest setting disables SVGs but still downloads them to avoid fingerprinting--> <!--the Tor Browser's safest setting disables SVGs but still downloads them to avoid fingerprinting-->
{{ if not (in site.BaseURL ".onion") -}} {{ if not (in site.BaseURL ".onion") -}}
{{ $icon_svg := resources.Get "/favicon.svg" | resources.Fingerprint "md5" }} {{ $icon_svg := partialCached "cache-bust.html" "/favicon.svg" "/favicon.svg" }}
{{- printf `<link rel="icon" sizes="any" href="%s" type="image/svg+xml" />` $icon_svg.RelPermalink | safeHTML }} {{- printf `<link rel="icon" sizes="any" href="%s" type="image/svg+xml" />` $icon_svg.RelPermalink | safeHTML }}
{{- end }} {{- end }}
{{ $icon_192 := resources.Get "/favicon192.png" | resources.Fingerprint "md5" }} {{ $icon_192 := partialCached "cache-bust.html" "/favicon192.png" "/favicon192.png" }}
{{- printf `<link rel="icon" sizes="192x192" href="%s" type="image/png" />` $icon_192.RelPermalink | safeHTML -}} {{- printf `<link rel="icon" sizes="192x192" href="%s" type="image/png" />` $icon_192.RelPermalink | safeHTML -}}
<meta name="color-scheme" content="light dark" /> <meta name="color-scheme" content="light dark" />
<meta name="format-detection" content="telephone=no" /><!-- Why does apple do this --> <meta name="format-detection" content="telephone=no" /><!-- Why does apple do this -->
@ -70,10 +70,10 @@
<meta property="og:type" content="article" /> <meta property="og:type" content="article" />
{{- end -}} {{- end -}}
<!-- ANOTHER meta image?! When will it end? --> <!-- ANOTHER meta image?! When will it end? -->
{{- $og_image := resources.Get "/favicon512.png" | resources.Fingerprint "md5" -}} {{- $og_image := partialCached "cache-bust.html" "/favicon512.png" "/favicon512.png" -}}
{{- $og_image_alt := "" -}}<!--Default open graph image is purely decorative and visual, so it should be hidden from assistive technologies.--> {{- $og_image_alt := "" -}}<!--Default open graph image is purely decorative and visual, so it should be hidden from assistive technologies.-->
{{- with .Params.image -}} {{- with .Params.image -}}
{{- $og_image = resources.Get (printf "/p/%s" . ) | resources.Fingerprint "md5" -}} {{- $og_image = partial "cache-bust.html" (printf "/p/%s" .) -}}
{{- end -}} {{- end -}}
{{- with .Params.image_alt -}} {{- with .Params.image_alt -}}
{{- $og_image_alt = . -}} {{- $og_image_alt = . -}}

View file

@ -21,14 +21,14 @@
> >
{{ with $opus -}} {{ with $opus -}}
{{- $download_url = $opus.RelPermalink -}} {{- $download_url = $opus.RelPermalink -}}
{{ $opus_src := . | resources.Fingerprint "md5" -}} {{ $opus_src := partial "cache-bust.html" . -}}
<source <source
src="{{ $opus_src.RelPermalink }}" src="{{ $opus_src.RelPermalink }}"
type='audio/ogg; codecs="opus"' /> type='audio/ogg; codecs="opus"' />
{{ end -}} {{ end -}}
{{ with $mp3 -}} {{ with $mp3 -}}
{{- $download_url = $mp3.RelPermalink -}} {{- $download_url = $mp3.RelPermalink -}}
{{ $mp3_src := . | resources.Fingerprint "md5" -}} {{ $mp3_src := partial "cache-bust.html" . -}}
<source <source
src="{{ $mp3_src.RelPermalink }}" src="{{ $mp3_src.RelPermalink }}"
type="audio/mpeg" /> type="audio/mpeg" />

View file

@ -1,5 +1,4 @@
{{- $favicon := resources.Get "/favicon.png" -}}<!-- re-using the favicon for the author photo --> <!-- re-using the favicon for the author photo
{{- $favicon_base64 := $favicon.Content | base64Encode -}}<!--
Reader mode implementations use .p-author, itemprop=author, and/or .author to add Reader mode implementations use .p-author, itemprop=author, and/or .author to add
a byline. Some also strip elements matching the "byline" class to avoid duplicating a byline. Some also strip elements matching the "byline" class to avoid duplicating
the byline. Mozilla Readability uses both microformats1 and microformats2 while the byline. Mozilla Readability uses both microformats1 and microformats2 while

View file

@ -1,10 +1,10 @@
{{ $favicon := resources.Get "/favicon.png" -}} {{- $src := "" -}}
{{- $favicon_base64 := $favicon.Content | base64Encode -}}
{{- $favicon_svg := resources.Get "/favicon.svg" | resources.Fingerprint "md5" -}}
{{- if in site.BaseURL ".onion" -}} {{- if in site.BaseURL ".onion" -}}
<img itemprop="image" width="16" height="16" alt="" {{- $favicon := resources.Get "/favicon.png" -}}
src="data:image/png;base64,{{ $favicon_base64 }}" class="u-photo photo" /> {{- $favicon_base64 := $favicon.Content | base64Encode -}}
{{- $src = printf "data:image/png;base64,%s" $favicon_base64 -}}
{{- else -}} {{- else -}}
<img itemprop="image" width="16" height="16" alt="" {{- with (partialCached "cache-bust.html" "/favicon.svg" "/favicon.svg") -}}
src="{{ $favicon_svg.Permalink }}" class="u-photo photo" /> {{- $src = .Permalink -}}
{{- end }} {{- end -}}{{- end -}}
<img itemprop="image" width="16" height="16" alt="" src="{{ $src }}" class="u-photo photo" />

View file

@ -32,7 +32,7 @@
<picture> <picture>
{{- if not (in site.BaseURL ".onion") -}} {{- if not (in site.BaseURL ".onion") -}}
{{ with $dark_svg -}} {{ with $dark_svg -}}
{{ $dark_svg_src := . | resources.Fingerprint "md5" -}} {{ $dark_svg_src := partial "cache-bust.html" . -}}
<source <source
srcset="{{ $dark_svg_src.RelPermalink }}" srcset="{{ $dark_svg_src.RelPermalink }}"
type="image/svg+xml" type="image/svg+xml"
@ -40,28 +40,28 @@
{{ end -}} {{ end -}}
{{ end -}} {{ end -}}
{{ with $dark_jxl -}} {{ with $dark_jxl -}}
{{ $dark_jxl_src := . | resources.Fingerprint "md5" -}} {{ $dark_jxl_src := partial "cache-bust.html" . -}}
<source <source
srcset="{{ $dark_jxl_src.RelPermalink }}" srcset="{{ $dark_jxl_src.RelPermalink }}"
type="image/jxl" type="image/jxl"
media="screen and (prefers-color-scheme: dark)" /> media="screen and (prefers-color-scheme: dark)" />
{{ end -}} {{ end -}}
{{ with $dark_avif -}} {{ with $dark_avif -}}
{{ $dark_avif_src := . | resources.Fingerprint "md5" -}} {{ $dark_avif_src := partial "cache-bust.html" . -}}
<source <source
srcset="{{ $dark_avif_src.RelPermalink }}" srcset="{{ $dark_avif_src.RelPermalink }}"
type="image/avif" type="image/avif"
media="screen and (prefers-color-scheme: dark)" /> media="screen and (prefers-color-scheme: dark)" />
{{ end -}} {{ end -}}
{{ with $dark_webp -}} {{ with $dark_webp -}}
{{ $dark_webp_src := . | resources.Fingerprint "md5" -}} {{ $dark_webp_src := partial "cache-bust.html" . -}}
<source <source
srcset="{{ $dark_webp_src.RelPermalink }}" srcset="{{ $dark_webp_src.RelPermalink }}"
type="image/webp" type="image/webp"
media="screen and (prefers-color-scheme: dark)" /> media="screen and (prefers-color-scheme: dark)" />
{{ end -}} {{ end -}}
{{ with $orig_img_dark -}} {{ with $orig_img_dark -}}
{{ $orig_dark_src := . | resources.Fingerprint "md5" -}} {{ $orig_dark_src := partial "cache-bust.html" . -}}
<source <source
srcset="{{ $orig_dark_src.RelPermalink }}" srcset="{{ $orig_dark_src.RelPermalink }}"
type="{{ $orig_img_dark_type }}" type="{{ $orig_img_dark_type }}"
@ -69,31 +69,31 @@
{{ end -}} {{ end -}}
{{- if not (in site.BaseURL ".onion") -}} {{- if not (in site.BaseURL ".onion") -}}
{{ with $light_svg -}} {{ with $light_svg -}}
{{ $light_svg_src := . | resources.Fingerprint "md5" -}} {{ $light_svg_src := partial "cache-bust.html" . -}}
<source <source
srcset="{{ $light_svg_src.RelPermalink }}" srcset="{{ $light_svg_src.RelPermalink }}"
type="image/svg+xml" /> type="image/svg+xml" />
{{ end -}} {{ end -}}
{{ end -}} {{ end -}}
{{ with $light_jxl -}} {{ with $light_jxl -}}
{{ $light_jxl_src := . | resources.Fingerprint "md5" -}} {{ $light_jxl_src := partial "cache-bust.html" . -}}
<source <source
srcset="{{ $light_jxl_src.RelPermalink }}" srcset="{{ $light_jxl_src.RelPermalink }}"
type="image/jxl" /> type="image/jxl" />
{{ end -}} {{ end -}}
{{ with $light_avif -}} {{ with $light_avif -}}
{{ $light_avif_src := . | resources.Fingerprint "md5" -}} {{ $light_avif_src := partial "cache-bust.html" . -}}
<source <source
srcset="{{ $light_avif_src.RelPermalink }}" srcset="{{ $light_avif_src.RelPermalink }}"
type="image/avif" /> type="image/avif" />
{{ end -}} {{ end -}}
{{ with $light_webp -}} {{ with $light_webp -}}
{{ $light_webp_src := . | resources.Fingerprint "md5" -}} {{ $light_webp_src := partial "cache-bust.html" . -}}
<source <source
srcset="{{ $light_webp_src.RelPermalink }}" srcset="{{ $light_webp_src.RelPermalink }}"
type="image/webp" /> type="image/webp" />
{{ end -}} {{ end -}}
{{ $orig_src := $orig_img | resources.Fingerprint "md5" -}} {{ $orig_src := partial "cache-bust.html" $orig_img -}}
<source <source
srcset="{{ $orig_src.RelPermalink }}" srcset="{{ $orig_src.RelPermalink }}"
type="{{ $orig_img_type }}" /> type="{{ $orig_img_type }}" />

View file

@ -47,6 +47,7 @@ sed 7d "$html_file" | run_xmllint | tail -n +2 >"$tmp_file"
-e '1,7d' \ -e '1,7d' \
-e 's|</span><span itemprop="familyName"|</span>\&#160;<span itemprop="familyName"|' \ -e 's|</span><span itemprop="familyName"|</span>\&#160;<span itemprop="familyName"|' \
-e 's|class="u-photo photo"[^<]*<|class="u-photo photo"/> <|' \ -e 's|class="u-photo photo"[^<]*<|class="u-photo photo"/> <|' \
-e 's|<pre>|<pre tabindex="0">|' \
-E \ -E \
-e 's|([a-z])<data|\1 <data|' \ -e 's|([a-z])<data|\1 <data|' \
-e 's#</span>(<a[^>]*rel="(nofollow ugc|ugc nofollow)"([^>]*)?>liked</a>)#</span> \1#' \ -e 's#</span>(<a[^>]*rel="(nofollow ugc|ugc nofollow)"([^>]*)?>liked</a>)#</span> \1#' \