This page documents the inner workings of my site; all it's directories, technologies, and decisions will be laid bare before you. After all, If you know where everything is and how it should work, it's going to be a lot harder for someone to use this site as a way to exploit you.

Many privacy-focused sites have what is called a canary notice: a small notice telling visitors that the government hasn't requested information on any users. Users can then determine if a site was subject to a search if the canary notice disappears. You can find my canary notice at the bottom left of each page on the site.

There are several methods of injecting malicious content into a webpage. I have coded the site in such a way as to prevent as many of them as I could, or at least make it hard to hide them:

• Javascript: There will be exactly one inline script, and its purpose is to scan for and remove other scripts/payloads before your browser can load them.
• SVG Payloads: Due to it's rich feature set, SVGs can embed javascript payloads and even request foreign resources. For this reason, all SVG data is placed at the beginning of the body, in full view of the user. I'm doing some research into how neocities sanitizes its file uploads, so I know if I need to make my own malicious XML detector out of javascript. For more info about SVG payloads, check here.
• Cookies, browser fingerprinting, and other tracking methods: Neocities doesn't allow or support server-side code, rendering it impossible for me to store any information on you. But if you still aren't convinced, you're welcome to check the network tab of your browser's developer tools to see exactly what requests are being made and what data is being sent to whom.

If I'm compromised, I'd rather not have any information on you. The best data protection method is to not collect the data.

I designed this site to be customized. There is one CSS file that contains everything needed to make the page look the way it does. Everything from the colors to the size of various elements can be changed by you using a CSS injector plugin for your browser. You can find these variables by viewing the source in the developer console.

I did this so that the site can be changed to your needs. If you suffer from colorblindness, you can tweak the colors. If you need to get rid of some animations, you can do that too. I want this site to be accessible by design, and not just as an afterthought.

With that said, however, there are a number of things that are still broken for some reason. I am trying to fix them as soon as I can, but these aren't normal problems, they're the kind you only encounter if you are cursed.

• The font size cannot be set. Like, at all.
• The link to the canary notice works, but cannot be clicked. For now, you need to manually add "/canary.html" to the homepage URL.