There has been an update to the way Lemmy handles the content security policy, in order to prevent similar attacks that happened to lemmy.world and lemmy.blahaj.zone. We have been running a custom CSP before, both to mitigate some attack vectors (although we wouldn’t have caught this XSS) and to enable pulling fonts from Google Fonts, which is incompatible with the new security measures, so we’re switching to a different solution there. The font will be back, it’s just gonna take a sec.
Also, if you prefer this look, we’re going to include a theme without the script font, as well as a few other variations.
Update: CSS files updated. We have four font options now:
- font 1: HelvetiHand, the menu font from Life is Strange. Would be a cool default but unfortunately it has some aliasing issues in some browsers.
- font 2: Neucha, the default font we use on the instance. Still similar to the game, but renders well.
- font 3: Dudu Calligraphy, the font from Max’s diary. Unfortunately has the same issues as HelvetiHand.
- font 4: Helvetica, plain old and simple, if you’d like a non-script font. Since HelvetiHand was modeled after it it’s weirdly fitting for a LiS community.
You must log in or register to comment.