feat: Add Content Security Policy, enhance author information display with TypeIt animation, and include an RSS social link.

2025-12-20 10:59:32 -08:00
parent f374adac0c
commit 5b0d9a761d
3 changed files with 75 additions and 1 deletions
--- a/layouts/_partials/csp.html
+++ b/layouts/_partials/csp.html
@@ -0,0 +1,13 @@
+<!-- CSP OVERRIDE ACTIVE -->
+{{ $policy := "default-src 'self';" }}
+{{ if not hugo.IsServer }}
+{{ $policy = "upgrade-insecure-requests; block-all-mixed-content; default-src 'self';" }}
+{{ end }}
+{{ $scriptsrc := printf "%s https://unpkg.com" (delimit .Site.Params.csp.scriptsrc " ") }}
+{{ printf `
+<meta http-equiv="Content-Security-Policy"
+    content="%s child-src %s; font-src %s; form-action %s; frame-src %s; img-src %s; object-src %s; style-src %s; script-src %s; connect-src %s;">
+` $policy (delimit .Site.Params.csp.childsrc " ") (delimit .Site.Params.csp.fontsrc " ") (delimit
+.Site.Params.csp.formaction " ") (delimit .Site.Params.csp.framesrc " ") (delimit .Site.Params.csp.imgsrc " ") (delimit
+.Site.Params.csp.objectsrc " ") (delimit .Site.Params.csp.stylesrc " ") $scriptsrc (delimit .Site.Params.csp.connectsrc
+" ") | safeHTML }}
--- a/layouts/_partials/home/author.html
+++ b/layouts/_partials/home/author.html
@@ -0,0 +1,21 @@
+<h1>{{ .Site.Params.author }}</h1>
+
+{{ if .Site.Params.info }}
+<h2 id="typeit-info"></h2>
+
+<script src="https://unpkg.com/typeit@8.7.1/dist/index.umd.js"></script>
+<script>
+    document.addEventListener("DOMContentLoaded", function () {
+        new TypeIt("#typeit-info", {
+            strings: {{ .Site.Params.info | jsonify | safeJS }},
+        speed: 50,
+        loop: true,
+        breakLines: false,
+        nextStringDelay: 2000,
+        deleteSpeed: 50,
+        startDelay: 500,
+        lifeLike: true
+      }).go();
+    });
+</script>
+{{ end }}