Now also available via Tor
http://iwccx6ebuapto7dlkd4m5fooud6nqn2z7go7aass5c4q6vl6gzs5htad.onion/
Posts in category tech
Activating CSP for my blog
Recently, I stumbled across a media.ccc.de talk about internal.nl. Basically, this is a website that tests your website security.
For me, it deducted points for missing HTTP headers. Amongst them, Content-Security-Policy. Basically, that header says what content may be loaded on the website. Especially, it can prevent loading stuff from external sites. (Cross Site Scripting as attack scenario).
So, basically, it doesn’t add much value for my blog, since this is a static site and I control the content. Sure, there is my comment system, but even that I consider safe enough to handle escaping. So setting the header was mostly done to score fake internet points only. But also, a chance to learn something.
Because, even after adding self and my domains to the respective header fields, some stuff would not work. Mainly because of inline scripts and inline styles. So I put them in separate JS files and created CSS classes.
One thing that doesn’t work anymore are avatars for the ActivityPub comments (and probably for the Isso comments?). This is because I have no idea from what servers I will get comments. So, I replaced the avatars with a grey square.
And that’s it already, really.
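The breakage described in this post can be found before the header goes live. The following is an added example, not the blog author's code: it scans a page for inline scripts, inline styles, inline event handlers (which a policy without unsafe-inline also blocks) and loads from hosts outside the allow-list. The policy, the host blog.example and the sample page are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed policy (not the blog's real header): default-src 'self'
ALLOWED_HOSTS = {"blog.example"}  # placeholder for "my domains"
URL_ATTRS = {"script": "src", "img": "src", "link": "href", "iframe": "src"}

class CspAudit(HTMLParser):
    """Collect markup that a 'self'-only policy without 'unsafe-inline' blocks."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        line = self.getpos()[0]  # line on which the start tag begins
        if tag == "style" or (tag == "script" and "src" not in attrs):
            self.findings.append((line, f"inline <{tag}> block"))
        if "style" in attrs:
            self.findings.append((line, f"inline style attribute on <{tag}>"))
        for name in attrs:
            if name.startswith("on"):  # onclick, onload, ...
                self.findings.append((line, f"inline event handler {name} on <{tag}>"))
        url = attrs.get(URL_ATTRS.get(tag, ""))
        host = urlparse(url).hostname if url else None  # None for relative URLs
        if host and host not in ALLOWED_HOSTS:
            self.findings.append((line, f"<{tag}> loads from external host {host}"))

def audit(html):
    parser = CspAudit()
    parser.feed(html)
    return parser.findings

# Constructed sample page, including a remote comment avatar.
SAMPLE = """<html><head>
<link rel="stylesheet" href="/css/site.css">
<style>.avatar { width: 32px }</style>
</head><body>
<p style="color: grey">hello</p>
<script>initComments()</script>
<script src="/js/comments.js"></script>
<img src="https://social.example/avatars/alice.png">
<button onclick="reply()">Reply</button>
</body></html>"""

if __name__ == "__main__":
    for line, msg in audit(SAMPLE):
        print(f"line {line}: {msg}")
```

Each finding maps to one of the fixes in the post: move the script or style into its own file, replace the style attribute with a CSS class, or stop loading the remote resource.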
DN42: Put it in a box (Linux network namespace)
I explain how I put my Autonomous System in a network namespace.
Migrating DNS providers
An in-depth look into how to switch DNS providers without downtime.
My Static Blog now has ActivityPub
A short praise for Hatsu, thanks to which my posts now appear in the Fediverse.