Changelog

14/06/2025

Modified CSS files slightly as previous changed had broken the style picker.

Update theme picker to not use inline JavaScript as this was throwing console errors due to the script security policy of the site.

07/06/2025

Added dimensions to footer images to improve lighthouse speed score.

Merged CSS files into one file to improve lighthouse LCP values on mobile devices.

26/05/2025 - 2

Modified Bac calculator to no longer use the eval statement. So I can remove the unsafe-eval statement in the CSP. My score is back 120.

26/05/2025 - 1

Added 'unsafe-eval' to script-self for the import function on the bac marks calculator to work. This knocks my score down from 120 to 110, but it remains an A+ security rating.

This imports a JSON string of your entries so that they can saved and reimported later.By setting unsafe-eval the browser is allowed to evaluate user generated JavaScript. Since I only have one page which needs to do this I decided it's OK. And again: This is after all a personal blog using static pages only.

24/05/2025

Updated the Bac calculator to not use inline Javascript, which is prevented by my Content Security Policy.

31/03/2025

Added 'unsafe-inline' to style-self for the barcharts to work at the bottom of the archive pages. This knocks my Mozilla's HTTP Observatory score down from 130 to 120, but it's still an A+ security rating.

The risk with this setting is that the look and feel could potentially be altered through injection of inline CSS, but since the site is securely served using HTTPS, that seems unlikely and even if it did occur, not too serious. This is after all a personal blog using static pages only.