1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-10 00:12:09 +00:00

Compare commits

..

3 commits

Author SHA1 Message Date
Rohan Kumar
f060fcf13d
Meta:: describe 0-RTT adoption 2023-12-08 16:09:12 -08:00
Rohan Kumar
a870c2556a
Fix tab-reachability of preformatted blocks 2023-12-08 16:08:58 -08:00
Rohan Kumar
2badbe2601
Use cache-busting partial instead of Fingerprint
This gives files much smaller fingerprints, and supports caching.
2023-12-08 16:08:40 -08:00
12 changed files with 45 additions and 38 deletions

View file

@ -189,5 +189,5 @@ lint-and-deploy-staging:
deploy-envs:
@$(MAKE) HUGO_FLAGS='--gc --ignoreCache' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs xhtmlize
@$(MAKE) HUGO_FLAGS='--gc --ignoreCache' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs copy-to-xhtml
@$(MAKE) HUGO_FLAGS='' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs html-validate validate-html validate-json validate-feeds
@$(MAKE) HUGO_FLAGS='' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs validate-html validate-json validate-feeds
@$(MAKE) SSHFLAGS='-o KexAlgorithms=curve25519-sha256@libssh.org' HUGO_FLAGS='' USER=seirdy@envs.net WWW_ROOT=/home/seirdy/public_html GEMINI_ROOT=/home/seirdy/public_gemini HUGO_BASEURL='https://envs.net/~seirdy/' OUTPUT_DIR=public_envs deploy

View file

@ -1,8 +1,8 @@
{{- $192png := resources.Get "/favicon192.png" | resources.Fingerprint "md5" }}
{{- $512png := resources.Get "/favicon512.png" | resources.Fingerprint "md5" }}
{{- $1024svg := resources.Get "/favicon.svg" | resources.Fingerprint "md5" }}
{{- $maskablesvg := resources.Get "/maskable_android.svg" | resources.Fingerprint "md5" -}}
{{- $monochromesvg := resources.Get "/monochrome.svg" | resources.Fingerprint "md5" -}}
{{- $192png := partialCached "cache-bust.html" "/favicon192.png" "favicon192.png" }}
{{- $512png := partialCached "cache-bust.html" "/favicon512.png" "favicon512.png" }}
{{- $1024svg := partialCached "cache-bust.html" "/favicon.svg" "/favicon.svg" }}
{{- $maskablesvg := partial "cache-bust.html" "/maskable_android.svg" }}
{{- $monochromesvg := partial "cache-bust.html" "/monochrome.svg" }}
{
"name": "{{site.Title}}",
"short_name": "Seirdy",

View file

@ -82,7 +82,9 @@ Awards and badges
<figcaption itemprop="caption">
[Internet.nl](https://internet.nl/) offers an automated website security check. Relevant buzzwords include IPv6, DNSSEC, TLS, HTTP security headers, and RPKI. [See a report for seirdy.one](https://internet.nl/site/seirdy.one/1745918/).
[Internet.nl](https://internet.nl/) offers an automated website security check. Relevant buzzwords include IPv6, DNSSEC, TLS, HTTP security headers, and RPKI. [See a report for seirdy.one](https://internet.nl/site/seirdy.one/2510940/).
Internet.nl penalizes the use of [0-RTT](https://blog.cloudflare.com/introducing-0-rtt/) because it opens sites up to replay attacks. Since passing the test, I moved all non-idempotent content to other subdomains. Save for some fancy Nginx redirects, everything on the `seirdy.one` domain is static public content. This property made it safe to enable 0-RTT without being at risk of replay attacks. As of right now, I don't pass the test, but I consider the 0-RTT failure to be a false positive.
</figcaption>

View file

@ -17,7 +17,7 @@
<meta name="robots" content="noindex,nofollow,nosnippet" />
<title>{{ .Title }}</title>
{{ if not (in site.BaseURL ".onion") -}}
{{ $icon_svg := resources.Get "/favicon.svg" | resources.Fingerprint "md5" }}
{{ $icon_svg := partialCached "cache-bust.html" "/favicon.svg" "/favicon.svg" }}
{{- printf `<link rel="icon" sizes="any" href="%s" type="image/svg+xml" />` $icon_svg.RelPermalink | safeHTML }}
{{- end }}
{{ $icon_192 := resources.Get "/favicon192.png" | resources.Fingerprint "md5" }}

View file

@ -9,9 +9,9 @@
{{- if eq .Section "notes" -}}
{{- $period = "hourly" -}}
{{- end -}}
{{- $faviconSvg := resources.Get "/favicon.svg" | resources.Fingerprint "md5" -}}
{{- $image := resources.Get "/favicon192.png" | resources.Fingerprint "md5" -}}
{{- $atomLogo := resources.Get "/atom.svg" | resources.Fingerprint "md5" -}}
{{- $faviconSvg := partialCached "cache-bust.html" "/favicon.svg" "/favicon.svg" -}}
{{- $image := partialCached "cache-bust.html" "/favicon192.png" "/favicon192.png" -}}
{{- $atomLogo := partial "cache-bust.html" "/atom.svg" -}}
{{- /*rejected http://backend.userland.com/creativeCommonsRssModule, as it's completely redundant with <rights> and rel-license. */ -}}
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<feed
@ -93,7 +93,7 @@
<activity:object-type>http://activitystrea.ms/schema/1.0/{{ $type }}</activity:object-type>
<activity:verb>http://activitystrea.ms/schema/1.0/post</activity:verb>
{{- with .Params.image -}}
{{- $image = resources.Get (printf "/p/%s" . ) | resources.Fingerprint "md5" -}}
{{- $image := partial "cache-bust.html" (printf "/p/%s" . ) -}}
{{- end -}}
<media:thumbnail url="{{ $image.Permalink }}" width="{{ $image.Width }}" height="{{ $image.Height }}" />
{{ with .Description -}}

View file

@ -0,0 +1,5 @@
{{ $resource := resources.Get . -}}
{{- $target_path_formatStr := (replaceRE `(\.[^\.]*)$` ".%d$1" .) -}}
{{- $cacheBuster := $resource.Content | crypto.FNV32a -}}
{{- $target_path := printf $target_path_formatStr $cacheBuster -}}
{{- return resources.Copy $target_path $resource -}}

View file

@ -55,10 +55,10 @@
{{- end -}}
<!--the Tor Browser's safest setting disables SVGs but still downloads them to avoid fingerprinting-->
{{ if not (in site.BaseURL ".onion") -}}
{{ $icon_svg := resources.Get "/favicon.svg" | resources.Fingerprint "md5" }}
{{ $icon_svg := partialCached "cache-bust.html" "/favicon.svg" "/favicon.svg" }}
{{- printf `<link rel="icon" sizes="any" href="%s" type="image/svg+xml" />` $icon_svg.RelPermalink | safeHTML }}
{{- end }}
{{ $icon_192 := resources.Get "/favicon192.png" | resources.Fingerprint "md5" }}
{{ $icon_192 := partialCached "cache-bust.html" "/favicon192.png" "/favicon192.png" }}
{{- printf `<link rel="icon" sizes="192x192" href="%s" type="image/png" />` $icon_192.RelPermalink | safeHTML -}}
<meta name="color-scheme" content="light dark" />
<meta name="format-detection" content="telephone=no" /><!-- Why does apple do this -->
@ -70,10 +70,10 @@
<meta property="og:type" content="article" />
{{- end -}}
<!-- ANOTHER meta image?! When will it end? -->
{{- $og_image := resources.Get "/favicon512.png" | resources.Fingerprint "md5" -}}
{{- $og_image := partialCached "cache-bust.html" "/favicon512.png" "/favicon512.png" -}}
{{- $og_image_alt := "" -}}<!--Default open graph image is purely decorative and visual, so it should be hidden from assistive technologies.-->
{{- with .Params.image -}}
{{- $og_image = resources.Get (printf "/p/%s" . ) | resources.Fingerprint "md5" -}}
{{- $og_image = partial "cache-bust.html" (printf "/p/%s" .) -}}
{{- end -}}
{{- with .Params.image_alt -}}
{{- $og_image_alt = . -}}

View file

@ -21,14 +21,14 @@
>
{{ with $opus -}}
{{- $download_url = $opus.RelPermalink -}}
{{ $opus_src := . | resources.Fingerprint "md5" -}}
{{ $opus_src := partial "cache-bust.html" . -}}
<source
src="{{ $opus_src.RelPermalink }}"
type='audio/ogg; codecs="opus"' />
{{ end -}}
{{ with $mp3 -}}
{{- $download_url = $mp3.RelPermalink -}}
{{ $mp3_src := . | resources.Fingerprint "md5" -}}
{{ $mp3_src := partial "cache-bust.html" . -}}
<source
src="{{ $mp3_src.RelPermalink }}"
type="audio/mpeg" />

View file

@ -1,5 +1,4 @@
{{- $favicon := resources.Get "/favicon.png" -}}<!-- re-using the favicon for the author photo -->
{{- $favicon_base64 := $favicon.Content | base64Encode -}}<!--
<!-- re-using the favicon for the author photo
Reader mode implementations use .p-author, itemprop=author, and/or .author to add
a byline. Some also strip elements matching the "byline" class to avoid duplicating
the byline. Mozilla Readability uses both microformats1 and microformats2 while

View file

@ -1,10 +1,10 @@
{{ $favicon := resources.Get "/favicon.png" -}}
{{- $favicon_base64 := $favicon.Content | base64Encode -}}
{{- $favicon_svg := resources.Get "/favicon.svg" | resources.Fingerprint "md5" -}}
{{- $src := "" -}}
{{- if in site.BaseURL ".onion" -}}
<img itemprop="image" width="16" height="16" alt=""
src="data:image/png;base64,{{ $favicon_base64 }}" class="u-photo photo" />
{{- $favicon := resources.Get "/favicon.png" -}}
{{- $favicon_base64 := $favicon.Content | base64Encode -}}
{{- $src = printf "data:image/png;base64,%s" $favicon_base64 -}}
{{- else -}}
<img itemprop="image" width="16" height="16" alt=""
src="{{ $favicon_svg.Permalink }}" class="u-photo photo" />
{{- end }}
{{- with (partialCached "cache-bust.html" "/favicon.svg" "/favicon.svg") -}}
{{- $src = .Permalink -}}
{{- end -}}{{- end -}}
<img itemprop="image" width="16" height="16" alt="" src="{{ $src }}" class="u-photo photo" />

View file

@ -32,7 +32,7 @@
<picture>
{{- if not (in site.BaseURL ".onion") -}}
{{ with $dark_svg -}}
{{ $dark_svg_src := . | resources.Fingerprint "md5" -}}
{{ $dark_svg_src := partial "cache-bust.html" . -}}
<source
srcset="{{ $dark_svg_src.RelPermalink }}"
type="image/svg+xml"
@ -40,28 +40,28 @@
{{ end -}}
{{ end -}}
{{ with $dark_jxl -}}
{{ $dark_jxl_src := . | resources.Fingerprint "md5" -}}
{{ $dark_jxl_src := partial "cache-bust.html" . -}}
<source
srcset="{{ $dark_jxl_src.RelPermalink }}"
type="image/jxl"
media="screen and (prefers-color-scheme: dark)" />
{{ end -}}
{{ with $dark_avif -}}
{{ $dark_avif_src := . | resources.Fingerprint "md5" -}}
{{ $dark_avif_src := partial "cache-bust.html" . -}}
<source
srcset="{{ $dark_avif_src.RelPermalink }}"
type="image/avif"
media="screen and (prefers-color-scheme: dark)" />
{{ end -}}
{{ with $dark_webp -}}
{{ $dark_webp_src := . | resources.Fingerprint "md5" -}}
{{ $dark_webp_src := partial "cache-bust.html" . -}}
<source
srcset="{{ $dark_webp_src.RelPermalink }}"
type="image/webp"
media="screen and (prefers-color-scheme: dark)" />
{{ end -}}
{{ with $orig_img_dark -}}
{{ $orig_dark_src := . | resources.Fingerprint "md5" -}}
{{ $orig_dark_src := partial "cache-bust.html" . -}}
<source
srcset="{{ $orig_dark_src.RelPermalink }}"
type="{{ $orig_img_dark_type }}"
@ -69,31 +69,31 @@
{{ end -}}
{{- if not (in site.BaseURL ".onion") -}}
{{ with $light_svg -}}
{{ $light_svg_src := . | resources.Fingerprint "md5" -}}
{{ $light_svg_src := partial "cache-bust.html" . -}}
<source
srcset="{{ $light_svg_src.RelPermalink }}"
type="image/svg+xml" />
{{ end -}}
{{ end -}}
{{ with $light_jxl -}}
{{ $light_jxl_src := . | resources.Fingerprint "md5" -}}
{{ $light_jxl_src := partial "cache-bust.html" . -}}
<source
srcset="{{ $light_jxl_src.RelPermalink }}"
type="image/jxl" />
{{ end -}}
{{ with $light_avif -}}
{{ $light_avif_src := . | resources.Fingerprint "md5" -}}
{{ $light_avif_src := partial "cache-bust.html" . -}}
<source
srcset="{{ $light_avif_src.RelPermalink }}"
type="image/avif" />
{{ end -}}
{{ with $light_webp -}}
{{ $light_webp_src := . | resources.Fingerprint "md5" -}}
{{ $light_webp_src := partial "cache-bust.html" . -}}
<source
srcset="{{ $light_webp_src.RelPermalink }}"
type="image/webp" />
{{ end -}}
{{ $orig_src := $orig_img | resources.Fingerprint "md5" -}}
{{ $orig_src := partial "cache-bust.html" $orig_img -}}
<source
srcset="{{ $orig_src.RelPermalink }}"
type="{{ $orig_img_type }}" />

View file

@ -47,6 +47,7 @@ sed 7d "$html_file" | run_xmllint | tail -n +2 >"$tmp_file"
-e '1,7d' \
-e 's|</span><span itemprop="familyName"|</span>\&#160;<span itemprop="familyName"|' \
-e 's|class="u-photo photo"[^<]*<|class="u-photo photo"/> <|' \
-e 's|<pre>|<pre tabindex="0">|' \
-E \
-e 's|([a-z])<data|\1 <data|' \
-e 's#</span>(<a[^>]*rel="(nofollow ugc|ugc nofollow)"([^>]*)?>liked</a>)#</span> \1#' \