Compare commits

..

No commits in common. "820bebe032980f521cd80827e044782dd5bddd9d" and "78a7d913fe6a4bce9ec6a91b4d5e98d21d281580" have entirely different histories.

5 changed files with 2 additions and 2 deletions

View File

@ -13,7 +13,7 @@ I do not have access logs enabled. [Access logs](https://httpd.apache.org/docs/c
Browsers will, by default, "prefetch," or ["proactively perform domain name resolution on both links that the user may choose to follow as well as URLs for items referenced by the document."](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control) Because I link to external sites, I have *disabled* prefetching with the X-DNS-Prefetch-Control header. Setting this header avoids "leaking" your information to external sites by simply browsing my website. **If you click on an external link, you are still subject to the privacy and security policies of that outside website.** Browsers will, by default, "prefetch," or ["proactively perform domain name resolution on both links that the user may choose to follow as well as URLs for items referenced by the document."](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control) Because I link to external sites, I have *disabled* prefetching with the X-DNS-Prefetch-Control header. Setting this header avoids "leaking" your information to external sites by simply browsing my website. **If you click on an external link, you are still subject to the privacy and security policies of that outside website.**
Your connection to this website is secured by, among other settings, [HTTP Strict Transport Security (HSTS)](https://hstspreload.org/) headers, redirection to HTTPS, and a strong Content Security Policy. You can [read more about web security](https://infosec.mozilla.org/guidelines/web_security) or [easily test any website's security settings.](https://developer.mozilla.org/en-US/observatory/analyze?host=ethanyoo.com) Your connection to this website is secured by, among other settings, [HTTP Strict Transport Security (HSTS)](https://hstspreload.org/) headers, redirection to HTTPS, and a strong Content Security Policy. You can [read more about web security](https://infosec.mozilla.org/guidelines/web_security) or [easily test any website's security settings.](https://observatory.mozilla.org/)
Your email address is considered personal information under, for example, the [California Consumer Privacy Act of 2018.](https://www.oag.ca.gov/privacy/ccpa) That being said, I have no interest in sharing *anyone's* information with third parties. Your email address is considered personal information under, for example, the [California Consumer Privacy Act of 2018.](https://www.oag.ca.gov/privacy/ccpa) That being said, I have no interest in sharing *anyone's* information with third parties.
@ -24,4 +24,3 @@ If you do contact me, you're not required to use a real name or a permanent emai
*Updated on **December 29, 2022** after adding the website's search function*\ *Updated on **December 29, 2022** after adding the website's search function*\
*Updated on **March 12, 2023** to move a sentence describing the website's search function*\ *Updated on **March 12, 2023** to move a sentence describing the website's search function*\
*Updated on **June 2, 2024** to reflect the use of Plausible Community Edition and to change some wording* *Updated on **June 2, 2024** to reflect the use of Plausible Community Edition and to change some wording*
*Updated on **July 8, 2024** to replace the link to Mozilla Observatory ([deprecated](https://developer.mozilla.org/en-US/blog/mdn-http-observatory-launch/)) with a link to the [MDN HTTP Observatory](https://developer.mozilla.org/en-US/observatory)*

View File

@ -1,6 +1,7 @@
# Security tests: https://observatory.mozilla.org/ # Security tests: https://observatory.mozilla.org/
# Disable DNS prefetching: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control # Disable DNS prefetching: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control
Header always set Access-Control-Allow-Origin "analytics.ethanyoo.com" Header always set Access-Control-Allow-Origin "analytics.ethanyoo.com"
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Frame-Options "DENY" Header always set X-Frame-Options "DENY"
Header always set X-DNS-Prefetch-Control "off" Header always set X-DNS-Prefetch-Control "off"
Header always set X-Content-Type-Options "nosniff" Header always set X-Content-Type-Options "nosniff"

BIN
static/icon/logseq.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 5.9 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 6.7 KiB

After

Width:  |  Height:  |  Size: 19 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 2.3 KiB

After

Width:  |  Height:  |  Size: 65 KiB