ethan
/
ethanyoo.com
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update privacy policy: Note the search bar's use of DuckDuckGo as a fallback

This commit is contained in:
Ethan Yoo 2022-12-29 11:20:54 -05:00
parent 344eecde92
commit bfa098efd4
Signed by: ethan
GPG Key ID: 70596474C5D20F85
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
content/privacy.md
View File

@ -1,6 +1,6 @@
---
title: Privacy policy
date: 2020-11-08
date: 2022-12-29
layout: permalink
description: "You should always try to understand the privacy policy."
---
@ -11,7 +11,7 @@ There are no external dependencies or resources, including Google Fonts or socia
I do not have access logs enabled. [Access logs](https://httpd.apache.org/docs/current/logs.html) typically include IP addresses, operating system information, the internal pages and resources requested, and time of access.
Browsers will, by default, "prefetch," or ["proactively perform domain name resolution on both links that the user may choose to follow as well as URLs for items referenced by the document."](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control) Because I link to external sites, I have *disabled* prefetching with the X-DNS-Prefetch-Control header. Setting this header avoids "leaking" your information to external sites by simply browsing my website. **If you click on an external link, you are still subject to the privacy and security policies of that outside website.**
Browsers will, by default, "prefetch," or ["proactively perform domain name resolution on both links that the user may choose to follow as well as URLs for items referenced by the document."](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control) Because I link to external sites, I have *disabled* prefetching with the X-DNS-Prefetch-Control header. Setting this header avoids "leaking" your information to external sites by simply browsing my website. **If you click on an external link, you are still subject to the privacy and security policies of that outside website.** If JavaScript is disabled (typically a conscious decision) or the search script fails to load, search queries will instead be sent to DuckDuckGo.
Your connection to this website is secured by, among other settings, HTTP Strict Transport Security (HSTS) headers, redirection to HTTPS, and a strong Content Security Policy. You can [read more about web security](https://infosec.mozilla.org/guidelines/web_security) or [easily test any website's security settings.](https://observatory.mozilla.org/)