diff --git a/config.toml b/config.toml
index 14bcbfe..12ce1c7 100644
--- a/config.toml
+++ b/config.toml
@@ -12,6 +12,12 @@ enableTwemoji = true
enableGitInfo = true
enableRobotsTXT = true
+[taxonomies]
+ category = "categories"
+ series = "series"
+ tag = "tags"
+ author = "authors"
+
# Disqus comments configuration
[services]
[services.disqus]
@@ -85,7 +91,7 @@ style = "github-dark"
[params] # theme parameters
author = "Eric X. Liu"
- info = "Software & Performance Engineer @Google"
+ info = ["Software & Performance Engineer @Google", "Open Source Contributor", "Tech Enthusiast"]
description = "Eric X. Liu - Software & Performance Engineer at Google. Sharing insights about software engineering, performance optimization, tech industry experiences, mountain biking adventures, Jeep overlanding, and outdoor activities."
keywords = "software engineer, performance engineering, Google engineer, tech blog, software development, performance optimization, Eric Liu, engineering blog, mountain biking, Jeep enthusiast, overlanding, camping, outdoor adventures"
avatarurl = "images/gravatar.png"
@@ -143,6 +149,33 @@ style = "github-dark"
filename = "sitemap.xml"
priority = 0.5
+# If you want to implement a Content-Security-Policy, add this section
+[params.csp]
+childsrc = ["'self'"]
+fontsrc = ["'self'", "https://fonts.gstatic.com", "https://cdn.jsdelivr.net/"]
+formaction = ["'self'"]
+framesrc = ["'self'", "https://www.youtube.com"]
+imgsrc = ["'self'"]
+objectsrc = ["'none'"]
+stylesrc = [
+ "'self'",
+ "'unsafe-inline'",
+ "https://fonts.googleapis.com/",
+ "https://cdn.jsdelivr.net/",
+]
+scriptsrc = [
+ "'self'",
+ "'unsafe-inline'",
+ "https://www.google-analytics.com",
+ "https://cdn.jsdelivr.net/",
+ "https://pagead2.googlesyndication.com",
+ "https://static.cloudflareinsights.com",
+ "https://unpkg.com",
+]
+prefetchsrc = ["'self'"]
+# connect-src directive – defines valid targets for to XMLHttpRequest (AJAX), WebSockets or EventSource
+connectsrc = ["'self'", "https://www.google-analytics.com", "https://pagead2.googlesyndication.com", "https://cloudflareinsights.com", "ws://localhost:1313", "ws://localhost:*", "wss://localhost:*"]
+
# Social links
[[params.social]]
name = "Git"
@@ -158,6 +191,13 @@ style = "github-dark"
name = "Personal email"
icon = "fa fa-envelope fa-2x"
weight = 3
+[[params.social]]
+ name = "RSS"
+ icon = "fa-solid fa-rss fa-2x"
+ weight = 6
+ url = "https://ericxliu.me/index.xml"
+ rel = "alternate"
+ type = "application/rss+xml"
# Menu links
[languages]
diff --git a/layouts/_partials/csp.html b/layouts/_partials/csp.html
new file mode 100644
index 0000000..b037992
--- /dev/null
+++ b/layouts/_partials/csp.html
@@ -0,0 +1,13 @@
+
+{{ $policy := "default-src 'self';" }}
+{{ if not hugo.IsServer }}
+{{ $policy = "upgrade-insecure-requests; block-all-mixed-content; default-src 'self';" }}
+{{ end }}
+{{ $scriptsrc := printf "%s https://unpkg.com" (delimit .Site.Params.csp.scriptsrc " ") }}
+{{ printf `
+
+` $policy (delimit .Site.Params.csp.childsrc " ") (delimit .Site.Params.csp.fontsrc " ") (delimit
+.Site.Params.csp.formaction " ") (delimit .Site.Params.csp.framesrc " ") (delimit .Site.Params.csp.imgsrc " ") (delimit
+.Site.Params.csp.objectsrc " ") (delimit .Site.Params.csp.stylesrc " ") $scriptsrc (delimit .Site.Params.csp.connectsrc
+" ") | safeHTML }}
\ No newline at end of file
diff --git a/layouts/_partials/home/author.html b/layouts/_partials/home/author.html
new file mode 100644
index 0000000..e769a49
--- /dev/null
+++ b/layouts/_partials/home/author.html
@@ -0,0 +1,21 @@
+{{ .Site.Params.author }}
+
+{{ if .Site.Params.info }}
+
+
+
+
+{{ end }}
\ No newline at end of file