csp

Posts tagged csp

• 
  Tech Apr 29, 2026

  Astro client islands under a strict CSP — pinning the hydration inlines by sha256 hash

  Why react islands with `client:load` silently fail under `script-src 'self'`, how I allowed the two deterministic Astro hydration inlines via hash, and how to refresh the hashes after Astro updates.

• E
  Tech Apr 25, 2026

  Embedding Google Maps GDPR-compliant — consent box with app links

  A lightweight Google Maps embed component for Astro: no request before consent, localStorage-based consent, automatic Apple Maps and Google Maps app links from GPS coordinates.

• E
  Tech Apr 24, 2026

  Embedding YouTube videos GDPR-compliant — three-tier consent box without a cookie

  A lightweight YouTube embed component for Astro with real consent (once / remember / external), no cookie, and no third-party request before the click.

• L
  Tech Apr 24, 2026

  Leaflet + Stadia Maps behind a strict CSP: two gotchas

  Wiring up a photo world map with Leaflet and Stadia Maps tiles on an Astro site behind Caddy — and why it didn't work in production despite a correct CSP.

• C
  Tech Apr 22, 2026

  Caching webmention avatars locally at build time

  A small Astro helper that downloads webmention author photos during the build, dedupes them, and serves them locally — for a strict CSP, stronger privacy, and better availability.

• S
  Tech Apr 22, 2026

  Security headers for an Astro site behind Caddy

  How I hardened my site with a strict Content Security Policy, clean response headers, and a GDPR-compliant configuration — and solved the Astro inline-script gotcha along the way.