Cutieguwu/cutieguwu-site
1
0
Fork 0
Code Issues 10 Pull Requests Projects 1 Releases Activity

Complete #52, Optimize CSS, Reduce code duplication, Scrap templates; Massive refactor.

Browse Source
This commit is contained in:
Cutieguwu
2025-08-20 16:08:41 -04:00
parent 04a4adb4d4
commit d1e06b432d
55 changed files with 1533 additions and 1896 deletions
Download Patch File Download Diff File Expand all files Collapse all files

527
src/disclosure.html
View File

@@ -6,294 +6,287 @@
<include src="includes/meta.html" />
</head>
<body>
<div class="viewport">
<nav class="pane_nav">
<include src="includes/nav_header.html" />
<include src="includes/nav_menu.html" />
<div class="location">
<h4 class="header">You are here:</h4>
<h5 class="page">Disclosure</h5>
</div>
<include src="includes/nav_quick_links.html" />
</nav>
<div class="pane_main">
<nav class="pane">
<include src="includes/nav_header.html" />
<include src="includes/nav_menu.html" />
<div class="location">
<h4 class="header">You are here:</h4>
<h5 class="page">Disclosure</h5>
</div>
<include src="includes/nav_quick_links.html" />
</nav>
<main class="pane">
<div class="body">
<header>
<h1 class="title">Disclosure</h1>
<p class="date">Last Edited: 01 August, 2025</p>
</header>
<div class="body">
<div class="header">
<h1 class="title">Disclosure</h1>
<p class="date">Last Edited: 01 August, 2025</p>
</div>
<div class="body">
<div class="layout_row">
<div class="item">
<h2 class="title">Website Security</h2>
<p>
This website uses a number of security features, most of which
are built into your browser, to protect my and your:
</p>
<ul>
<li>Infrastructure</li>
<li>Data, and</li>
<li>Experience</li>
</ul>
<p>
You can see some of the main methods that this website uses
below:
</p>
<div class="chunk_list">
<div class="chunk">
<div class="header">
<div>
<h3 class="name">Anubis</h3>
<span class="subtitle"
>AI Scraper Screening Utility</span
>
</div>
<div class="layout_row">
<div class="item">
<h2 class="title">Website Security</h2>
<p>
This website uses a number of security features, most of which are
built into your browser, to protect my and your:
</p>
<ul>
<li>Infrastructure</li>
<li>Data, and</li>
<li>Experience</li>
</ul>
<p>
You can see some of the main methods that this website uses below:
</p>
<div class="section_list">
<section>
<header>
<div>
<h3 class="name">Anubis</h3>
<span class="subtitle"
>AI Scraper Screening Utility</span
>
</div>
<div class="body">
<p>
This website is protected by a screening utility
known as
<a href="https://anubis.techaro.lol/" class="italic"
>Anubis</a
>. You may also have heard of this program as
<span class="italic">BotStopper</span> for those who
purchase a commercial license because they somehow
can't live with a cute anime girl showing up on
their websites. UNESCO notably don't have a problem
with that, and proudly present an anime girl as of
writing this.
</p>
<p>
Despite what some fools at the FSF figure, Anubis IS
NOT malware. See:
</header>
<div class="body">
<p>
This website is protected by a screening utility known
as
<a href="https://anubis.techaro.lol/"
><cite>Anubis</cite></a
>. You may also have heard of this program as
<cite>BotStopper</cite> for those who purchase a
commercial license because they somehow can't live with
a cute anime girl showing up on their websites. UNESCO
notably don't have a problem with that, and proudly
present an anime girl as of writing this.
</p>
<p>
I do not have a commercial license and do not pay in any
way for Anubis. If I had money to spare, I would
actively fund the project.
</p>
<p>
Despite what some fools at the FSF figure, Anubis IS NOT
malware. See:
<a href="https://www.youtube.com/watch?v=YisGpdPjYM8"
><cite
>I Platformed A Linux "Cyber Criminal"</cite
></a
>. It does have <em>similar</em> behaviour due to its
proof-of-work scheme, which asks your browser to run a
throwaway calculation in an effort to block or dissuade
AI scrapers. Many, if not nearly all clients, are
subject to screening based on various filters around
your browser's user agent string.
</p>
<p>
Additionally, if you have concerns about the legality of
my use of Anubis, please see
<a href="https://github.com/TecharoHQ/anubis/issues/50"
>Anubis Issue #50</a
>
where concerns were looked into.
</p>
<p>
Now, if you have a moral issue with this project, you
may do one of two things (because adjusting your UA will
just make me block the UA, or add a complete catch-all
rule):
</p>
<ol>
<li>
Don't allow JavaScript to run. (Have fun making this
work)
</li>
<li>Just don't use my website.</li>
</ol>
<p>
If you experience issues with Anubis blocking you, which
presumably hasn't happened on your way to this page, you
can email me with details. DO NOT bother the main
project as it may be an issue with a screening rule that
I've invoked.
</p>
<p>
If you do wish to raise an issue with the Anubis dev(s),
PLEASE DO NOT DO SOMETHING LIKE THIS:
</p>
<ul>
<li>
<a
href="https://www.youtube.com/watch?v=YisGpdPjYM8"
class="italic"
>I Platformed A Linux "Cyber Criminal"</a
>. It does have
<span class="italic">similar</span> behaviour due to
its proof-of-work scheme, which asks your browser to
run a throwaway calculation in an effort to block or
dissuade AI scrapers. Many, if not nearly all
clients, are subject to screening based on various
filters around your browser's user agent string.
</p>
<p>
Additionally, if you have concerns about the
legality of my use of Anubis, please see
<a
href="https://github.com/TecharoHQ/anubis/issues/50"
>Anubis Issue #50</a
href="https://github.com/TecharoHQ/anubis/issues/113"
>Anubis Issue #113</a
>
where concerns were looked into.
</p>
<p>
Now, if you have a moral issue with this project,
you may do one of two things (because adjusting your
UA will just make me block the UA, or add a complete
catch-all rule):
</p>
<ol>
<li>
Don't allow JavaScript to run. (Have fun making
this work)
</li>
<li>Just don't use my website.</li>
</ol>
<p>
If you experience issues with Anubis blocking you,
which presumably hasn't happened on your way to this
page, you can email me with details. DO NOT bother
the main project as it may be an issue with a
screening rule that I've invoked.
</p>
<p>
If you do wish to raise an issue with the Anubis
dev(s), PLEASE DO NOT DO SOMETHING LIKE THIS:
</p>
<ul>
<li>
<a
href="https://github.com/TecharoHQ/anubis/issues/113"
>Anubis Issue #113</a
>
</li>
<li>
<a
href="https://github.com/TecharoHQ/anubis/discussions/114"
>Anubis Discussion #114</a
>
</li>
<li>
<a
href="https://github.com/TecharoHQ/anubis/discussions/117"
>Anubis Discussion #117</a
>
</li>
</ul>
</div>
</div>
<div class="chunk">
<div class="header">
<div>
<h3 class="name">Content Security Policy (CSP)</h3>
</div>
</div>
<div class="body">
<p>
This website, unlike a scary number of sites
(including google.com and microsoft.com as of
writing) has a CSP configured. This helps prevent or
mitigate a number of possible attacks including
cross-site scripting and clickjacking.
</p>
<p>
Further Reading:
</li>
<li>
<a
href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP"
>https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP</a
href="https://github.com/TecharoHQ/anubis/discussions/114"
>Anubis Discussion #114</a
>
</p>
</div>
</div>
<div class="chunk">
<div class="header">
<div>
<h3 class="name">
HTTP Strict Transport Security (HSTS)
</h3>
</div>
</div>
<div class="body">
<p>
This website has a HSTS policy which indicates to
your browser to use a secure connection when
connecting.
</p>
<p>
Additionally, the server will force redirect ALL
connections over to HTTPS for any browsers which do
not use this header or have a HTTPS-only mode
enabled.
</p>
<p>
Further Reading:
</li>
<li>
<a
href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security"
>https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security</a
href="https://github.com/TecharoHQ/anubis/discussions/117"
>Anubis Discussion #117</a
>
</p>
</div>
</li>
</ul>
</div>
<div class="chunk">
<div class="header">
<div>
<h3 class="name">Other Security Headers</h3>
</div>
</div>
<div class="body">
<p>Some include:</p>
<ul>
<li>X-Content-Type-Options</li>
<li>X-Frame-Options</li>
<li>X-XSS-Protection</li>
<li>Permissions-Policy</li>
<li>Referrer-Policy</li>
</ul>
</section>
<section>
<header>
<div>
<h3 class="name">Content Security Policy (CSP)</h3>
</div>
</header>
<div class="body">
<p>
This website, unlike a scary number of sites (including
google.com and microsoft.com as of writing) has a CSP
configured. This helps prevent or mitigate a number of
possible attacks including cross-site scripting and
clickjacking.
</p>
<p>
Further Reading:
<a
href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP"
>https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP</a
>
</p>
</div>
<div class="chunk">
<div class="header">
<div>
<h3 class="name">Security.txt</h3>
</div>
</div>
<div class="body">
<p>
This file offers information to security researchers
to silently report any issues they find so that I
can resolve them.
</p>
</section>
<section>
<header>
<div>
<h3 class="name">
HTTP Strict Transport Security (HSTS)
</h3>
</div>
</header>
<div class="body">
<p>
This website has a HSTS policy which indicates to your
browser to use a secure connection when connecting.
</p>
<p>
Additionally, the server will force redirect ALL
connections over to HTTPS for any browsers which do not
use this header or have a HTTPS-only mode enabled.
</p>
<p>
Further Reading:
<a
href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security"
>https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Strict-Transport-Security</a
>
</p>
</div>
</div>
</section>
<section>
<header>
<div>
<h3 class="name">Other Security Headers</h3>
</div>
</header>
<div class="body">
<p>Some include:</p>
<ul>
<li>X-Content-Type-Options</li>
<li>X-Frame-Options</li>
<li>X-XSS-Protection</li>
<li>Permissions-Policy</li>
<li>Referrer-Policy</li>
</ul>
</div>
</section>
<section>
<header>
<div>
<h3 class="name">Security.txt</h3>
</div>
</header>
<div class="body">
<p>
This file offers information to security researchers to
silently report any issues they find so that I can
resolve them.
</p>
</div>
</section>
</div>
<div class="item">
<h2 class="title">Cookies</h2>
<p>
This website only leaves cookies that are required for the
website's functioning. I do not place any trackers on your
system.
</p>
<p>
Note: I cannot say what cookies may be left by services that I
host (such as Gitea and Web Check). For more details, please see
those projects' documentation.
</p>
<p>You can see all cookies that this website uses below:</p>
<div class="chunk_list">
<div class="chunk">
<div class="header">
<div>
<h3 class="name">Anubis</h3>
<span class="subtitle"
>AI Scraper Screening Utility</span
>
</div>
</div>
<div class="body">
<p>
This website does utilize a cookie. This cookie is
made by Anubis to keep your system from having to
pass the proof-of-work check every time you request
a resource from this site.
</p>
<p>
THEORETICALLY, this cookie, as with any JavaScript
cookie,
<span class="italic">can</span> be used to track
you.
</p>
<p>
HOWEVER, I do not use it for tracking, Anubis does
not use it for tracking, and there is no evidence
that 3rd parties are abusing the cookie. There are
far more attractive targets.
</p>
<p>
IF this becomes an issue, until the lead
developer(s) and/or community can find a solution,
Anubis will be reconfigured to send out challenges
even more frequently, and an advisory notice to wipe
your browser cookies at the end of your session will
be made.
</p>
<p>
Under the current configuration, Anubis' cookies are
valid for 24h. This does not mean that the cookie is
necessarily gone from your system.
</p>
<p>
<a
href="https://github.com/TecharoHQ/anubis/issues/50"
>Anubis Issue #50</a
>
briefly looked into the possibility of abuse via the
cookie.
</p>
</div>
<div class="item">
<h2 class="title">Cookies</h2>
<p>
This website only leaves cookies that are required for the website's
functioning. I do not place any trackers on your system.
</p>
<p>
Note: I cannot say what cookies may be left by services that I host
(such as Gitea and Web Check). For more details, please see those
projects' documentation.
</p>
<p>You can see all cookies that this website uses below:</p>
<div class="section_list">
<section>
<header>
<div>
<h3 class="name">Anubis</h3>
<span class="subtitle"
>AI Scraper Screening Utility</span
>
</div>
</header>
<div class="body">
<p>
This website does utilize a cookie. This cookie is made
by Anubis to keep your system from having to pass the
proof-of-work check every time you request a resource
from this site.
</p>
<p>
THEORETICALLY, this cookie, as with any JavaScript
cookie,
<em>can</em> be used to track you.
</p>
<p>
HOWEVER, I do not use it for tracking, Anubis does not
use it for tracking, and there is no evidence that 3rd
parties are abusing the cookie. There are far more
attractive targets.
</p>
<p>
IF this becomes an issue, until the lead developer(s)
and/or community can find a solution, Anubis will be
reconfigured to send out challenges even more
frequently, and an advisory notice to wipe your browser
cookies at the end of your session will be made.
</p>
<p>
Under the current configuration, Anubis' cookies are
valid for 24h. This does not mean that the cookie is
necessarily gone from your system.
</p>
<p>
<a href="https://github.com/TecharoHQ/anubis/issues/50"
>Anubis Issue #50</a
>
briefly looked into the possibility of abuse via the
cookie.
</p>
</div>
</div>
</section>
</div>
</div>
</div>
</div>
<include src="includes/tailer.html" />
</div>
<div class="pane_spacer">
<div class="spacer_container"><p>#AD</p></div>
<div class="spacer_container"><p>#AD</p></div>
</div>
<include src="includes/tailer.html" />
</main>
<div class="pane spacer">
<div class="spacer_container"><p>#AD</p></div>
<div class="spacer_container"><p>#AD</p></div>
</div>
<include src="includes/footer.html" />
<include src="includes/scripts.html" />