alexohneander/alexohneander-zola
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: add support for giscus & utterances comments

Browse Source
This commit is contained in:
welpo
2023-07-12 18:44:28 +02:00
parent 93c8b577b8
commit 19d120019b
17 changed files with 333 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
content/blog/security.md
View File

@@ -1,7 +1,7 @@
+++
title = "Secure by default"
date = 2023-02-22
updated = 2023-05-22
updated = 2023-07-12
description = "tabi has an easily customizable Content Security Policy (CSP) with safe defaults. Get peace of mind and an A+ on Mozilla Observatory."
[taxonomies]
@@ -27,4 +27,6 @@ The `allowed_domains` list specifies the URLs that the website should be able to
This feature allows you to easily customize the website's security headers to allow for specific use cases, such as embedding YouTube videos, loading scripts or remote fonts ([not recommended](https://www.albertovarela.net/blog/2022/11/stop-using-google-fonts/)).
**Note**: enabling comments automatically allows scripts and frames from either utterances/giscus, as well as unsafe-inline styles when using utterances (required so that the widget can adjust its size based on the number of comments).
[^1]: Requires proper webserver configuration (e.g. redirecting HTTP traffic to HTTPS).