1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-10 00:12:09 +00:00
seirdy.one/content/notes/partial-credit-for-css-naked-day.md
2024-04-09 00:02:31 -04:00

1.3 KiB

title date syndicatedCopies
Partial credit for CSS Naked Day 2024-04-09T00:00:01-04:00
title url
The Fediverse https://pleroma.envs.net/notice/AghSP3X5WSt51T4cwC
title url
IndieNews https://news.indieweb.org/en

For CSS Naked Day, I decided to do something a little different. I didn't want to actually disable my stylesheet: very long lines of small text aren't terribly accessible, and fingerprinting-averse readers of my Onion site may not wish to zoom in (I know for a fact that these people exist; I've spoken to them, and I don't like reducing my readers to numbers in an analytics dashboard).

Instead, I made CSS Naked Day participation opt-in with a new a query parameter to the URLs: Just add ?sandbox=broken to the end of any URL on seirdy.one. This query parameter sets a maximally-restrictive Content-Security-Policy header, instructing your browser to block CSS, images, media, and more from loading. The only thing that the CSP will allow is submitting forms (Webmentions). See [my CSP Bug Reproduction page]({{<relref "/meta/csp-bug-reproduction/">}}) for other values you can give the sandbox parameter on seirdy.one and its Onion location.

This does not apply to mirrors of my site, such as the envs.net mirror.