Commit graph

6 commits

Author SHA1 Message Date
@r3g_5z@plem.sapphic.site
0e4c201f8d HTTP header improvements (#294)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
- Drop Expect-CT

Expect-CT has been redundant since 2018 when Certificate Transparency became mandated and required for all CAs and browsers. This header is only implemented in Chrome and is now deprecated. HTTP header analysers do not check this anymore as this is enforced by default. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT

- Raise HSTS to 2 years and explicitly preload

The longer age for HSTS, the better. Header analysers prefer 2 years over 1 year now as free TLS is very common using Let's Encrypt.
For HSTS to be fully effective, you need to submit your root domain (domain.tld) to https://hstspreload.org. However, a requirement for this is the "preload" directive in Strict-Transport-Security. If you do not have "preload", it will reject your domain.

- Drop X-Download-Options

This is an IE8-era header when Adobe products used to use the IE engine for making outbound web requests to embed webpages in things like Adobe Acrobat (PDFs). Modern apps are using Microsoft Edge WebView2 or Chromium Embedded Framework. No modern browser checks or header analyser check for this.

- Set base-uri to 'none'

This is to specify the domain for relative links (`<base>` HTML tag). pleroma-fe does not use this and it's an incredibly niche tag.

I use all of these myself on my instance by rewriting the headers with zero problems. No breakage observed.

I have not compiled my Elixr changes, but I don't see why they'd break.

Co-authored-by: r3g_5z <june@terezi.dev>
Reviewed-on: #294
Co-authored-by: @r3g_5z@plem.sapphic.site <june@terezi.dev>
Co-committed-by: @r3g_5z@plem.sapphic.site <june@terezi.dev>
2022-11-20 21:20:06 +00:00
Weblate
2f074a6966 Translated using Weblate (Catalan)
Currently translated at 2.9% (30 of 1002 strings)

Update translation files

Updated by "Squash Git commits" hook in Weblate.

Co-authored-by: Weblate <noreply@weblate.org>
Co-authored-by: sola <spla@mastodont.cat>
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-config-descriptions/ca/
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-static-pages/
Translation: Pleroma fe/Akkoma Backend (Config Descriptions)
Translation: Pleroma fe/Akkoma Backend (Static pages)
2022-08-11 09:29:28 +00:00
Weblate
8b14b65e39 Merge branch 'origin/develop' into Weblate.
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
2022-08-01 12:48:29 +00:00
Weblate
dbb80c79d5 Translated using Weblate (Catalan)
Currently translated at 100.0% (103 of 103 strings)

Translated using Weblate (Catalan)

Currently translated at 0.3% (4 of 1002 strings)

Translated using Weblate (Catalan)

Currently translated at 100.0% (83 of 83 strings)

Translated using Weblate (Catalan)

Currently translated at 13.5% (14 of 103 strings)

Added translation using Weblate (Catalan)

Merge branch 'origin/develop' into Weblate.

Merge branch 'origin/develop' into Weblate.

Merge branch 'origin/develop' into Weblate.

Translated using Weblate (Catalan)

Currently translated at 100.0% (0 of 0 strings)

Added translation using Weblate (Catalan)

Added translation using Weblate (Catalan)

Added translation using Weblate (Catalan)

Co-authored-by: Anonymous <noreply@weblate.org>
Co-authored-by: Weblate <noreply@weblate.org>
Co-authored-by: sola <spla@mastodont.cat>
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-config-descriptions/ca/
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-errors/ca/
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-static-pages/ca/
Translation: Pleroma fe/Akkoma Backend (Config Descriptions)
Translation: Pleroma fe/Akkoma Backend (Errors)
Translation: Pleroma fe/Akkoma Backend (Static pages)
2022-08-01 12:47:27 +00:00
Weblate
c0965ed24a Added translation using Weblate (Catalan)
Merge branch 'origin/develop' into Weblate.

Merge branch 'origin/develop' into Weblate.

Merge branch 'origin/develop' into Weblate.

Translated using Weblate (Catalan)

Currently translated at 100.0% (0 of 0 strings)

Added translation using Weblate (Catalan)

Added translation using Weblate (Catalan)

Added translation using Weblate (Catalan)

Co-authored-by: Anonymous <noreply@weblate.org>
Co-authored-by: Weblate <noreply@weblate.org>
Co-authored-by: sola <spla@mastodont.cat>
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-config-descriptions/ca/
Translation: Pleroma fe/Akkoma Backend (Config Descriptions)
2022-07-29 11:37:51 +00:00
Weblate
f4b507f3a2 Translated using Weblate (Catalan)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Currently translated at 100.0% (0 of 0 strings)

Added translation using Weblate (Catalan)

Added translation using Weblate (Catalan)

Added translation using Weblate (Catalan)

Co-authored-by: Anonymous <noreply@weblate.org>
Co-authored-by: Weblate <noreply@weblate.org>
Co-authored-by: sola <spla@mastodont.cat>
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-config-descriptions/ca/
Translation: Pleroma fe/Akkoma Backend (Config Descriptions)
2022-07-28 12:12:55 +00:00