Daniel Micay
|
2d079162d4
|
mark Expect-CT as largely obsolete
|
2021-06-08 12:27:04 -04:00 |
|
Daniel Micay
|
5e83027d04
|
disable unused Clipboard API features
|
2021-04-18 00:49:50 -04:00 |
|
Daniel Micay
|
1f027a3fce
|
disable unused hid (WebHID API) feature
|
2021-04-18 00:40:47 -04:00 |
|
Daniel Micay
|
380e34f435
|
disable unused serial (Web Serial API) feature
|
2021-04-18 00:37:16 -04:00 |
|
Daniel Micay
|
3584a627f8
|
disable interest-cohort feature
|
2021-04-18 00:34:46 -04:00 |
|
Daniel Micay
|
3cfe562892
|
enforce strict Trusted Types without policies
|
2021-03-26 13:44:32 -04:00 |
|
Daniel Micay
|
a0d93f3375
|
explicitly set SameSite for preload session cookie
|
2021-03-23 10:46:50 -04:00 |
|
Daniel Micay
|
f298ee4b2b
|
use once per session preload / push
|
2021-02-15 04:23:56 -05:00 |
|
Daniel Micay
|
ba302d9f86
|
use a single Link header for preloading
|
2021-02-15 03:41:54 -05:00 |
|
Daniel Micay
|
0c006f9afd
|
add preload headers for core fonts
|
2021-02-15 03:25:22 -05:00 |
|
Daniel Micay
|
57f77c96cb
|
drop support for obsolete Feature-Policy header
This has been replaced by Permissions-Policy.
|
2021-01-26 10:58:00 -05:00 |
|
Daniel Micay
|
548b13c09d
|
temporarily disable Trusted Types for web-install
This can be enabled again when the zip library supports it.
|
2021-01-23 20:56:05 -05:00 |
|
Daniel Micay
|
fe063f50fe
|
add foundation for WebUSB-based install page
|
2021-01-05 05:34:45 -05:00 |
|
Daniel Micay
|
d0f56dc6ab
|
document deprecated/obsolete headers
|
2020-12-31 21:31:07 -05:00 |
|
Daniel Micay
|
dbee9a704c
|
move TLS configuration into nginx.conf
|
2020-11-14 04:23:19 -05:00 |
|
Daniel Micay
|
d03e7c28b4
|
add require-trusted-types-for 'script' to CSP
|
2020-10-27 04:44:58 -04:00 |
|
Daniel Micay
|
e806721d7c
|
add COOP / COEP headers
|
2020-10-27 04:20:17 -04:00 |
|
Daniel Micay
|
701ed6f301
|
add Permissions-Policy header
|
2020-10-03 20:53:38 -04:00 |
|
Daniel Micay
|
99b4037444
|
disable unused publickey-credentials-get feature
|
2020-09-27 19:10:27 -04:00 |
|
Daniel Micay
|
f59b4f2310
|
remove unused Feature-Policy speaker directive
|
2020-09-27 19:07:05 -04:00 |
|
Daniel Micay
|
c0f510be06
|
handle Feature-Policy standard renaming wake-lock
|
2020-09-27 18:54:00 -04:00 |
|
Daniel Micay
|
6d04912ef7
|
drop (unfortunately) obsolete HPKP support
|
2020-09-27 16:12:11 -04:00 |
|
Daniel Micay
|
27b24277e1
|
drop usage of report-uri for Expect-CT and CSP
This has proven to be unhelpful and we don't need this kind of reporting
with the simplicity of the site and policies.
|
2020-07-22 18:41:59 -04:00 |
|
Daniel Micay
|
2343434d83
|
stop pinning IdenTrust root that's on the way out
|
2020-04-19 19:20:43 -04:00 |
|
Daniel Micay
|
eb1566f6a1
|
switch HPKP backup pins
|
2020-04-07 14:39:56 -04:00 |
|
Daniel Micay
|
ef179138fa
|
certbot-ocsp-fetcher for reliable OCSP stapling
|
2020-04-05 04:13:05 -04:00 |
|
Daniel Micay
|
3e4ee0cb28
|
move nginx https setup into a snippet
|
2020-04-01 10:30:30 -04:00 |
|
Daniel Micay
|
5a923bd1bb
|
remove obsolete HPKP report-uri URL
|
2020-04-01 08:47:16 -04:00 |
|
Daniel Micay
|
9c1ebdd0d8
|
add nginx configuration
|
2020-04-01 03:12:09 -04:00 |
|