My personal blog built to host my articles.
- OAuth authentification
- Edge network compatible
- Lighthouse 100% on all metrics
- A+ on security with headers, strict CSP & security.txt
- SEO optimization with robots.txt & sitemap
- If you're hosting on Cloudflare, you need to disable
Speed Brain. This features isn't compatible with a strict CSP and prefetching is already done inside Astro. - CSP nonce is currently generated in the middleware which defeats the purpose of a strong CSP. There is no alternatives currently in Astro.
- Some environment variables should have their access restricted to secret instead of public