alexohneander/alexohneander-zola
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: support privacy-respecting analytics (#193)

Browse Source
This commit is contained in:
Óscar Fernández
2023-10-04 15:01:54 +02:00
committed by GitHub
parent 2eaee6557c
commit 228f1ea6e5
11 changed files with 276 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
templates/partials/analytics.html Normal file
View File

@@ -0,0 +1,35 @@
{% set analytics_service = config.extra.analytics.service %}
{% set analytics_id = config.extra.analytics.id | default(value="") %}
{% set self_hosted_url = config.extra.analytics.self_hosted_url | default(value="") %}
{% if analytics_service == "goatcounter" %}
<script async
{% if self_hosted_url %}
data-goatcounter="{{ self_hosted_url ~ '/count' }}"
src="{{ self_hosted_url ~ '/count.js' }}"
{% else %}
data-goatcounter="https://{{ analytics_id }}.goatcounter.com/count"
src="//gc.zgo.at/count.js"
{% endif %}
></script>
{% elif analytics_service == "umami" %}
<script async defer
{% if self_hosted_url %}
data-website-id="{{ analytics_id }}"
src="{{ self_hosted_url ~ '/umami.js' }}"
{% else %}
data-website-id="{{ analytics_id }}"
src="https://analytics.eu.umami.is/script.js"
{% endif %}
data-do-not-track="true">
</script>
{% elif analytics_service == "plausible" %}
<script
defer
data-domain="{{ analytics_id }}"
src="{% if self_hosted_url %}{{ self_hosted_url ~ '/js/plausible.js' }}{% else %}https://plausible.io/js/script.js{% endif %}"
></script>
{% endif %}

93
templates/partials/content_security_policy.html Normal file
View File

@@ -0,0 +1,93 @@
<meta http-equiv="Content-Security-Policy"
content="default-src 'self'
{%- if config.extra.allowed_domains -%}
;
{#- Check if a comment system is enabled to allow the necessary domains and directives -#}
{%- set utterances_enabled = config.extra.utterances.enabled_for_all_posts or page.extra.utterances -%}
{%- set giscus_enabled = config.extra.giscus.enabled_for_all_posts or page.extra.giscus -%}
{%- set hyvortalk_enabled = config.extra.hyvortalk.enabled_for_all_posts or page.extra.hyvortalk -%}
{%- set isso_enabled = config.extra.isso.enabled_for_all_posts or page.extra.isso -%}
{#- Initialise a base script-src directive -#}
{%- set script_src = "script-src 'self'" -%}
{#- Initialise a base connect-src directive -#}
{%- set connect_src = "connect-src 'self'" -%}
{# Base logic for appending analytics domains #}
{%- set analytics_url = config.extra.analytics.self_hosted_url | default(value="") %}
{%- if analytics_url -%}
{%- set script_src = script_src ~ " " ~ analytics_url -%}
{%- set connect_src = connect_src ~ " " ~ analytics_url -%}
{%- else -%}
{%- if config.extra.analytics.service -%}
{%- if config.extra.analytics.service == "goatcounter" -%}
{%- set script_src = script_src ~ " gc.zgo.at" -%}
{%- set connect_src = connect_src ~ " gc.zgo.at" -%}
{%- elif config.extra.analytics.service == "umami" -%}
{%- set script_src = script_src ~ " analytics.eu.umami.is" -%}
{%- set connect_src = connect_src ~ " analytics.eu.umami.is" -%}
{%- elif config.extra.analytics.service == "plausible" -%}
{%- set script_src = script_src ~ " plausible.io" -%}
{%- set connect_src = connect_src ~ " plausible.io" -%}
{%- endif -%}
{%- endif -%}
{%- endif -%}
{%- if hyvortalk_enabled -%}
{%- set connect_src = connect_src ~ " talk.hyvor.com" -%}
{%- set script_src = script_src ~ " talk.hyvor.com" -%}
{%- elif isso_enabled -%}
{%- set connect_src = connect_src ~ " " ~ config.extra.isso.endpoint_url -%}
{%- set script_src = script_src ~ " " ~ config.extra.isso.endpoint_url -%}
{%- elif giscus_enabled -%}
{%- set script_src = script_src ~ " " ~ " giscus.app" -%}
{%- elif utterances_enabled -%}
{%- set script_src = script_src ~ " " ~ " utteranc.es" -%}
{%- endif -%}
{#- Append WebSocket for Zola serve mode -#}
{%- if config.mode == "serve" -%}
{%- set connect_src = connect_src ~ " ws:" -%}
{%- endif -%}
{%- for domain in config.extra.allowed_domains -%}
{%- if domain.directive == "connect-src" -%}
{%- set configured_connect_src = domain.domains | join(sep=' ') -%}
{%- set_global connect_src = connect_src ~ " " ~ configured_connect_src -%}
{%- continue -%}
{%- endif -%}
{%- if domain.directive == "script-src" -%}
{%- set configured_script_src = domain.domains | join(sep=' ') -%}
{%- set_global script_src = script_src ~ " " ~ configured_script_src -%}
{%- continue -%}
{%- endif -%}
{#- Handle directives that are not connect-src -#}
{{ domain.directive }} {{ domain.domains | join(sep=' ') -}}
{%- if utterances_enabled or hyvortalk_enabled -%}
{%- if domain.directive == "style-src" %} 'unsafe-inline'
{%- endif -%}
{%- endif -%}
{%- if domain.directive == "frame-src" -%}
{%- if giscus_enabled %} giscus.app
{%- elif utterances_enabled %} utteranc.es
{%- elif hyvortalk_enabled %} talk.hyvor.com
{%- endif %}
{%- endif -%}
{%- if not loop.last -%}
;
{%- endif -%}
{%- endfor -%}
{#- Insert the generated connect-src -#}
{{ ";" ~ connect_src }}
{#- Insert the generated script-src -#}
{{ ";" ~ script_src }}
{%- endif -%}">

64
templates/partials/header.html
View File

@@ -142,65 +142,7 @@
<meta property="og:site_name" content="{{ config.title }}">
<meta http-equiv="Content-Security-Policy"
content="default-src 'self'
{%- if config.extra.allowed_domains -%}
;
{#- Check if a comment system is enabled to allow the necessary domains and directives -#}
{%- set utterances_enabled = config.extra.utterances.enabled_for_all_posts or page.extra.utterances -%}
{%- set giscus_enabled = config.extra.giscus.enabled_for_all_posts or page.extra.giscus -%}
{%- set hyvortalk_enabled = config.extra.hyvortalk.enabled_for_all_posts or page.extra.hyvortalk -%}
{%- set isso_enabled = config.extra.isso.enabled_for_all_posts or page.extra.isso -%}
{#- Initialise a base connect-src directive -#}
{%- set connect_src = "connect-src 'self'" -%}
{%- if hyvortalk_enabled -%}
{%- set connect_src = connect_src ~ " talk.hyvor.com" -%}
{%- elif isso_enabled -%}
{%- set connect_src = connect_src ~ " " ~ config.extra.isso.endpoint_url -%}
{%- endif -%}
{#- Append WebSocket for Zola serve mode -#}
{%- if config.mode == "serve" -%}
{%- set connect_src = connect_src ~ " ws:" -%}
{%- endif -%}
{%- for domain in config.extra.allowed_domains -%}
{%- if domain.directive == "connect-src" -%}
{%- set configured_connect_src = domain.domains | join(sep=' ') -%}
{%- set_global connect_src = connect_src ~ " " ~ configured_connect_src -%}
{%- continue -%}
{%- endif -%}
{#- Handle directives that are not connect-src -#}
{{ domain.directive }} {{ domain.domains | join(sep=' ') -}}
{% if utterances_enabled or hyvortalk_enabled -%}
{%- if domain.directive == "style-src" %} 'unsafe-inline'
{%- endif -%}
{% endif -%}
{%- if domain.directive == "script-src" or domain.directive == "frame-src" -%}
{%- if giscus_enabled %} giscus.app
{%- elif utterances_enabled %} utteranc.es
{%- elif hyvortalk_enabled %} talk.hyvor.com
{%- endif %}
{%- endif -%}
{%- if domain.directive == "script-src" -%}
{%- if isso_enabled %} {{ config.extra.isso.endpoint_url }}
{%- endif %}
{%- endif -%}
{%- if not loop.last -%}
;
{%- endif -%}
{%- endfor -%}
{#- Insert the generated connect-src -#}
{{ ";" ~ connect_src }}
{%- endif -%}">
{%- include "partials/content_security_policy.html" -%}
{%- if config.extra.theme_switcher and config.extra.theme_switcher == true -%}
{# If JavaScript is disabled, hide the button. #}
@@ -209,4 +151,8 @@
<script defer src="{{ get_url(path='js/themeSwitcher.min.js', trailing_slash=false) | safe }}"/></script>
{%- endif -%}
{%- if config.extra.analytics.service -%}
{%- include "partials/analytics.html" -%}
{%- endif -%}
</head>