Commit Graph

476 Commits

Author SHA1 Message Date
curben 00fbcce468 refactor: unify HTTP header settings into _headers 2019-05-26 15:09:27 +09:30
curben ab67e05c73 docs(readme): consistent badge colour 2019-05-26 11:39:03 +09:30
curben 415952ff69 docs(open_graph): add comment 2019-05-26 00:10:44 +09:30
curben cab3baeaf8 style: standardjs lint 2019-05-25 23:58:52 +09:30
curben 7ebcc03977 fix(open_graph): use data-src attribute in img tag
* compatibility with cloudinary (see scripts/cloudinary.js)
  * helper has to be registered via a function
    - https://github.com/hexojs/hexo/issues/1462#issuecomment-277474592
    - https://github.com/hexojs/hexo/issues/743#issuecomment-168262852
    - https://hexo.io/api/helper
    - https://github.com/hexojs/hexo/blob/master/lib/plugins/helper/open_graph.js
2019-05-25 22:21:44 +09:30
curben 9daf4d98b9 docs(copy-button): clarify the source of cheerio package 2019-05-25 22:20:54 +09:30
curben cf16dd3e43 refactor: move creation of 'Copy' button from client to server
* https://github.com/cheeriojs/cheerio#append-content-content--
  * cheerio doesn't have .createElement() function
    - https://code.tutsplus.com/tutorials/jquery-14-released-the-15-new-features-you-must-know--net-8590
2019-05-25 20:14:02 +09:30
curben 3dfc57dbbe refactor: replace for loop with forEach()
https://stackoverflow.com/a/34832466/9645167
2019-05-25 17:49:36 +09:30
curben 3b4172119b docs(post): Add 'Cloudflare in Firefox is not the end of the world' post 2019-05-25 17:26:49 +09:30
curben b5a86372c2 fix: add DoH tag 2019-05-25 17:26:20 +09:30
curben 2000d449c6 feat: add more alt attributes
* fix grammar, clarify
2019-05-24 14:56:08 +09:30
curben 809e3e05ab feat: add more alt attributes 2019-05-23 17:04:56 +09:30
curben e312ed2b69 feat: add alt attribute to <img>
* https://support.google.com/webmasters/answer/114016?hl=en
  * remove version tag from cloudinary link
    * cache of previous version should be purged by now
  * img tag doesn't need to be self-closing
2019-05-23 16:46:02 +09:30
curben 15048c2d1f fix: search.svg does not load in Firefox due to CSP
* Use default-src 'self' as a workaround
https://pokeinthe.io/2016/04/09/black-icons-with-svg-and-csp/
https://bugzilla.mozilla.org/show_bug.cgi?id=1303364
https://github.com/w3c/webappsec-csp/issues/199
https://github.com/w3c/webappsec-csp/issues/198

* use 'self' instead of localhost and netlify.com
* set other directives to 'none'
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
* font-src neeeds to be whitelisted before using fork-awesome
2019-05-22 12:39:53 +09:30
curben 4791c98a00 refactor: remove jquery and fancybox
todo https://github.com/dimsemenov/photoswipe
2019-05-22 11:13:21 +09:30
curben 08fb7897e1 fix: replace 'https' with 'https:' in CSP
https://content-security-policy.com/#source_list
2019-05-22 11:00:00 +09:30
curben 0e686c620b refactor: Use pure JS equivalent of jQuery's $.ready()
https://stackoverflow.com/a/9899701
2019-05-22 10:52:58 +09:30
curben 821ac056b7 feat: add CSP via <meta> tag
* <meta> doesn't support frame-ancestors directive
  * '*--curben.netlify.com' is invalid
  * add localhost
  * block-all-mixed-content works with localhost
2019-05-21 14:41:56 +09:30
curben 03c527b2f5 refactor: move inline search function to js file
avoid inline script for CSP
2019-05-21 14:12:30 +09:30
curben 0b2c5dbc6c fix: don't remove ID from svg
necessary for <use> tag
https://gitlab.com/curben/blog/blob/master/themes/typing/source/svg/search.svg
https://css-tricks.com/svg-use-external-source/
2019-05-21 13:41:29 +09:30
curben 045882e527 feat: add tooltip to search button
https://developer.mozilla.org/en-US/docs/Web/SVG/Element/title
https://developer.mozilla.org/en-US/docs/Web/SVG/Element/desc

inline svg doesn't require xmlns attribute
https://github.com/svg/svgo/blob/master/plugins/removeXMLNS.js
2019-05-21 13:37:10 +09:30
curben bc4082ac06 refactor: use image file instead of inline 2019-05-21 13:10:40 +09:30
curben 2ac754fa4d style: arrow function
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Functions/Arrow_functions
2019-05-21 11:22:01 +09:30
curben e7a6071d08 refactor: move inline cloudinary js into js file
to make way for CSR policy
2019-05-21 10:49:30 +09:30
curben 47e7982432 refactor: use image file instead of inline
page source looks cleaner this way
2019-05-21 10:12:35 +09:30
curben 958d8f8c8e Merge branch 'http-header' into 'master'
feat: harden HTTP headers

See merge request curben/blog!18
2019-05-20 02:27:24 +00:00
curben 3954d3891e fix: follow netlify's hsts max-age 2019-05-20 11:52:05 +09:30
curben 98be37f77a feat: harden HTTP headers 2019-05-20 11:15:27 +09:30
curben ba48027e74 refactor: switch to regular cloudinary js
* it's hosted at cdnjs, inline with other js source
    - better for HTTP/2 multiplexing if same host
  * update jquery
2019-05-19 12:07:34 +09:30
curben 5b9d9494e6 fix: date and time display
* Add starting year to copyright
  * Remove unneeded creation time from posts
2019-05-19 11:35:03 +09:30
curben 038645e497 fix: update title 2019-05-19 11:22:39 +09:30
curben 5323544fd8 docs: update nodejs installation instruction
* in readme, add instruction to install more updated nodejs
	* in readme, add a link to the relevant post for more detailed instruction
	* in posts, append 'or newer' to fedora, now that fedora v30 is released
	* in posts, add '--only=prod' parameter to skip devDeps
2019-05-18 14:53:43 +09:30
curben e5440eff3d docs: skip installation of devDep 2019-05-13 16:13:50 +09:30
curben 581c41fef0 docs: fix links in badge 2019-05-13 15:55:02 +09:30
curben e4345f743b Merge branch 'renovate/renovate-17.x' into 'master'
chore(deps): update dependency renovate to v17

See merge request curben/blog!17
2019-05-13 06:13:02 +00:00
curben 607818f32d Merge branch 'renovate/hexo-renderer-marked-1.x' into 'master'
chore(deps): update dependency hexo-renderer-marked to v1

See merge request curben/blog!16
2019-05-13 06:11:11 +00:00
Renovate Bot 78d8c9476f chore(deps): update dependency renovate to v17 2019-05-12 06:27:12 +00:00
Renovate Bot c2382264b3 chore(deps): update dependency hexo-renderer-marked to v1 2019-05-12 06:27:10 +00:00
curben 2b6370bfca Merge branch 'renovate/renovate-16.x' into 'master'
chore(deps): update dependency renovate to v16

See merge request curben/blog!15
2019-04-30 12:26:28 +00:00
curben e5a91b6408 chore(deps): compatibility with renovate v16
https://github.com/renovatebot/renovate/releases/tag/16.0.0
2019-04-30 21:51:37 +09:30
curben ecd19c02ce docs: mention more FOSS apps 2019-04-30 18:34:13 +09:30
curben aba07a9367 fix: heading IDs are case-sensitive
unlike standard markdown https://docs.gitlab.com/ee/user/markdown.html#header-ids-and-links
2019-04-29 19:07:46 +09:30
curben 43af5eaf6f style: bold symbol should be inside bracket 2019-04-29 18:24:36 +09:30
curben 9b2e307685 fix: mention new workaround for aliexpress 2019-04-29 18:19:54 +09:30
curben 0bfb960a83 fix: add new aliexpress workaround 2019-04-25 16:46:27 +09:30
curben 82d3d22d9e chore: update hexo-yam 2019-04-23 17:58:22 +09:30
curben a777e860f8 fix: remove extra curly bracket
due to incomplete d6c36abab9
2019-04-22 18:50:53 +09:30
curben 7bc0ef25df fix: escape symbol typo 2019-04-22 14:23:01 +09:30
curben e20b300f66 fix: mention Aegis
https://github.com/beemdevelopment/Aegis
https://www.reddit.com/r/androidapps/comments/b45zrj/dev_aegis_authenticator_secure_two_factor/
2019-04-22 13:10:46 +09:30
Renovate Bot 84919a6728 chore(deps): update dependency renovate to v16 2019-04-21 04:40:09 +00:00