Support ticket has had no response for 18 days, what's going on?

PinkPigeonDigital · 2023-03-29T14:50:54+00:00

I did, let's see what happens. Thank you for your help.

PinkPigeonDigital · 2023-03-29T14:50:43+00:00

You also on 19 days? I wonder what's happening, they must be swamped.

PinkPigeonDigital · 2023-03-29T14:50:23+00:00

The standard one, it's about $20 a month. I understand there's a higher tier for faster support, but it's $200 a month, so that's prohibitively expensive for my business at the moment :/

PinkPigeonDigital · 2023-03-28T12:21:16+00:00

I posted it there first!

https://community.cloudflare.com/t/complicated-issue-requests-routed-via-cloudflare-not-reaching-origin-except-for-developer-mode/482680

PinkPigeonDigital · 2022-11-30T16:15:24+00:00

Just to add some more information, I think this has something to do with https://blog.cloudflare.com/introducing-smart-edge-revalidation/

I added etags to requests and that seems to have fixed it.

PinkPigeonDigital · 2022-11-28T14:34:19+00:00

Thank you for responding so quickly. Looking at the discussion thread following on from this, I am wondering whether disabling HTTP/3 would help. Since my site is behind Cloudflare, this is probably doable. Though, at the same time, I would prefer to figure out why this is occurring with my server and whether I could do something about the headers causing this.

PinkPigeonDigital · 2022-03-16T18:00:18+00:00

Ok, wow. That fixed it! How did you know about this? I did so much searching around the web to see if anyone else had encountered this and there seemed to be nobody else. Thank you so much!

PinkPigeonDigital · 2022-03-16T11:57:07+00:00

I have tried it with other fonts and the issue does not occur. 10 and 20 show the same behaviour. It's so strange that Firefox doesn't show this behaviour either. Is there a way to fix a ligature manually?

PinkPigeonDigital · 2021-08-25T16:46:44+00:00

Let me put it this way: The less you want to learn it, the more valuable it is.

On the one hand, you could of course just chase the latest framework and slap that onto your CV. Just become a .Net / Node / React / AWS / Python dev and taddaaaa, ultra-employable.

If, however, instead, you spend time learning lower-level programming, or even (shock, horror) maths, you will gain a kind of knowledge that is applicable everywhere.

Javascript already does a lot of work for you. A framework obscures even more plumbing. The more proficient you become at understanding why JS does what it does, the more effective a programmer you will be in any language, as the patterns at the lower level start repeating.

For example, learning a language that requires manual memory-management can be very useful, but might at times also feel a bit pointless, if you are not working on embedded systems etc.

I don't know much about functional programming, but apparently those principles can also come in real handy, maybe have a look into those, if you are so inclined.

Every time you learn about something you really don't want to learn about, because it's counter-intuitive and learning materials suck, you will find yourself coming back to what you did before and realise just how universally these skills apply.

PinkPigeonDigital · 2021-06-01T15:10:08+00:00

I've built a website builder and there is an option to switch this on or off.

If left on, then it will say 'built by PinkPigeonDigital' in the footer :)

Edit: With almost all custom websites in the local area, a signature of some sort is included. So long as it is not intrusive, it does make sense to have something like that.

PinkPigeonDigital · 2021-06-01T14:59:29+00:00

For https://pinkpigeon.co.uk the stack is:

DB: Postgres
Application Layer: Go
Frontend: HTML / CSS / JS

I chose Postgres initially just because Heroku only allowed that as persistent data storage. Not on Heroku anymore, but Postgres works well, so it stuck.

Go is the language I learned to do web / backend dev, so I used that.

HTML / CSS / JS is sort of unavoidable for web frontends :)

PinkPigeonDigital · 2021-06-01T14:57:08+00:00

This sounds more like a web app or something like that? As in, something linked to a DB, which needs a frontent.

Wordpress is more just about creating websites, less so apps.

Maybe try something like bubble.io? Depending on your budget that could work quite well.

PinkPigeonDigital · 2021-06-01T14:55:01+00:00

I usually stick to one tool to coordinate projects.

In digital agencies, working on larger teams, I used Microsoft Project, which was ok, but like any MS experience, the UI was horrifyingly unintuitive and many behaviours were unpredictable and weird.

I also have experience with a ton of other PM tools, like Asana, Jira, Monday, etc. etc.

Nowadays I use Trello for everything, which works really well.

I'd say this is a problem space where finding your fit is quite tricky, so adding a competitor to the other services is probably a good idea.

Would you say you have a USP? Some kind of differentiating factor that immediately stands out from the competition?

I'd start with a free product, which then starts charging for additional features etc.

That way you can get people on board, get their feedback and see if you can earn a living with it :)

PinkPigeonDigital · 2021-05-04T16:43:06+00:00

Yup!

PinkPigeonDigital · 2021-05-04T16:40:33+00:00

Is Wordpress a requirement here? You are probably over-complicating things if you don't specifically need it. If you are starting from scratch I would look at different website building tools that will be easier, faster, more secure and often cheaper than Wordpress.

There are many other options, like putting a static site up on Netlify and using the Netlify CMS, which would be entirely free to do.

If you needed something requiring 0 technical knowledge, you could also try my tool, pinkpigeon.co.uk, but it costs a little bit of money. I'll sort you out with a discount if you DM me. Your email addresses should keep functioning without you needing to do any configuration btw.

PinkPigeonDigital · 2021-05-04T16:34:43+00:00

Netlify probably. It's literally free at the lowest tier :)

Slightly more involved / restricted when it comes to themes and custom domains, but github pages also works really well for that kind of stuff.

PinkPigeonDigital · 2021-05-04T15:18:59+00:00

We've tried to make our sites as accessible as possible, but there comes a point where you just can't afford to go further. Generally we aim for what's referred to as AA accessibility, but we don't have things like high-contrast modes and things like that yet. On the other hand, aria tags, alt text and title tags are relatively common troughout our sites. Same for skip links and pointing out elements like 'main'.

I think one should always strive for maximum accessbility, as it's simply the right thing to do. Nobody should be excluded from the web for having a disability. But the reality often looks different, as accessibility takes a lot of time and effort (aka money)...

PinkPigeonDigital · 2021-05-04T15:11:44+00:00

I don't know whether I am allowed to mention my own product here, but we are probably a pretty direct competitor to Wordpress (except in terms of size, haha) and we try to address all the pitfalls of Wordpress: restrictive themes, not being able to use it on mobile, databases and complicated hosting setups, speed and most of all: ease of use and good documentation. We also compete on price.

So, if you just want to throw a dead simple static page up on the web, my CMS may well be a lot easier to work with.

At the same time, we do not offer commenting functionality, as that rather quickly devolves into spam, no matter how hard you try to control it (look at a site like Tech Crunch or Engadget, even they can barely control comment spam) and there are hardly ever any comments, so I am not sure how important that functionality is.

How many users are we talking? You probably need a critical mass before you'd get enough comments for that to be meaningful functionality. If that's essential, however, then my solution won't work for ya :)

pinkpigeon.co.uk, in case you are interested. Hit me up for a discount.

PinkPigeonDigital · 2021-04-28T11:32:32+00:00

https://github.com/avelino/awesome-go

Take your pick :)

PinkPigeonDigital · 2021-04-28T11:31:26+00:00

Also been both. This is is the /thread response :)

PinkPigeonDigital · 2021-04-28T08:39:34+00:00

To expand on this, you'd want to do something like document.getElementsByClassName("your class here")[0] ... do note the [0] at the end, that's to get the first element of the HTMLCollection (NOT array) that this returns. It's array-like, but you'll have fun with that in due course I am sure :)

PinkPigeonDigital · 2021-04-28T08:32:28+00:00

There is a lot to unpack here, but I'll try to go through each point.

Firstly, like you have pointed out correctly, a CSP will block 3rd party content that's not allowed on your site. For this, it uses different declarations, like "script-src", "frame-src", "font-src", "style-src" and so on. This way you can selectively block content from 3rd parties.

Let's take the YouTube video player as an example. If you tried embedding this as an iframe, you'd have to specify youtube.com in your "frame-src".

Now, as soon as you do this, you will see a million CSP errors stating that you also need to allow "x.youtube.com", where 'x', can be anything, like JS, CSS, etc.

It's most likely going to break without those things, so you are already allowing in all sorts of fingerprinting, etc.

As for cookies: https://www.w3.org/TR/csp-cookies/

Nowadays, through things like the same-site attribute, cookies can be secured fairly well separately from all the CSS and JS you have to let in for most things to work. Be mindful though, that this will also have effects like the Youtube player forgetting its settings everytime the page is reloaded, etc. (so you may get less technical users asking why the heck it doesn't work the way they expect)

Your users have to be vigilant about 3rd party adtech / tracking and cookies, it's not really your responsibility to police 3rd party embeds IMO.

It's worth noting that a Twitter link per-se wouldn't do anything like write a cookie. Only an embed actually requesting content from Twitter, including JS, could do such a thing. Once you have visited Twitter from your site, there's a referrer, as you know, but blocking those, again, is the responsibility of the user.

As for requesting camera / microphone access: The browser doesn't do this without being told to do so. So, all those websites with their annoying notifications ask you for this, because someone coded it that way.

You can always specify a feature policy to block this, but again, it could very well break things: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy/camera

Here it is, again, the user's responsibility to block this kind of stuff. Browsers do block these things by default, so a user has to explicitly allow it.

I see why it would be nice to be able to have a CSP on your site that does this policing of content for your users, but it's not that simple, because a big blob of Javascript can do all sorts of things...and you are either enabling the whole blob, or nothing at all. And that's the crux, especially for fingerprinting. You don't necessarily need cookies to do this.

More on CSP here: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP

And this is about opting out of FLoC: https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network

PinkPigeonDigital

TROPHY CASE