• Series: building this blog
Hardening the Blog: Security Headers, CSP Automation, and GDPR-Friendly Comments
How I locked down this static Astro blog with a strict Content Security Policy, automated CSP hashing as a post-build step, self-hosted fonts, and click-to-load Giscus comments that respect GDPR.