summaryrefslogtreecommitdiffhomepage
path: root/website
diff options
context:
space:
mode:
Diffstat (limited to 'website')
-rw-r--r--website/BUILD4
-rw-r--r--website/_includes/footer.html2
-rw-r--r--website/_includes/graph.html2
-rw-r--r--website/_includes/header-links.html2
-rw-r--r--website/_layouts/docs.html4
-rw-r--r--website/blog/2019-11-18-security-basics.md23
-rw-r--r--website/defs.bzl4
7 files changed, 24 insertions, 17 deletions
diff --git a/website/BUILD b/website/BUILD
index 4488cb543..10e0299ae 100644
--- a/website/BUILD
+++ b/website/BUILD
@@ -55,9 +55,7 @@ genrule(
"docker run -i --user $$(id -u):$$(id -g) " +
"-v $$(readlink -m $$T/output/_site):/output " +
"gvisor.dev/images/jekyll " +
- "/usr/gem/bin/htmlproofer " +
- "--disable-external " +
- "--check-html " +
+ "ruby /checks.rb " +
"/output && " +
"cp $(location //website/cmd/server) $$T/output/server && " +
"tar -zcf $@ -C $$T/output . && " +
diff --git a/website/_includes/footer.html b/website/_includes/footer.html
index 9cc8176f7..c1a373329 100644
--- a/website/_includes/footer.html
+++ b/website/_includes/footer.html
@@ -8,7 +8,7 @@
<script src="https://cdnjs.cloudflare.com/ajax/libs/d3/4.13.0/d3.min.js" integrity="sha256-hYXbQJK4qdJiAeDVjjQ9G0D6A0xLnDQ4eJI9dkm7Fpk=" crossorigin="anonymous"></script>
{% if site.analytics %}
-<script type="application/javascript">
+<script>
var doNotTrack = false;
if (!doNotTrack) {
window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)};ga.l=+new Date;
diff --git a/website/_includes/graph.html b/website/_includes/graph.html
index f3a999341..ba4cf9840 100644
--- a/website/_includes/graph.html
+++ b/website/_includes/graph.html
@@ -1,7 +1,7 @@
{::nomarkdown}
{% assign fn = include.id | remove: " " | remove: "-" | downcase %}
<figure><a href="{{ include.url }}"><svg id="{{ include.id }}" width=500 height=200 onload="render_{{ fn }}()"><title>{{ include.title }}</title></svg></a></figure>
-<script type="text/javascript">
+<script>
function render_{{ fn }}() {
d3.csv("{{ include.url }}", function(d, i, columns) {
return d; // Transformed below.
diff --git a/website/_includes/header-links.html b/website/_includes/header-links.html
index 467bb1e72..4232fdaa5 100644
--- a/website/_includes/header-links.html
+++ b/website/_includes/header-links.html
@@ -2,7 +2,7 @@
<div class="container">
<div class="navbar-brand">
<a href="/">
- <img src="/assets/logos/logo_solo_on_dark.svg" height="25px" class="d-inline-block align-top" style="margin-right: 10px;" alt="logo"/>
+ <img src="/assets/logos/logo_solo_on_dark.svg" height="25" class="d-inline-block align-top" style="margin-right: 10px;" alt="logo" />
gVisor
</a>
</div>
diff --git a/website/_layouts/docs.html b/website/_layouts/docs.html
index 549305089..6bc5d87db 100644
--- a/website/_layouts/docs.html
+++ b/website/_layouts/docs.html
@@ -47,8 +47,8 @@ categories:
<h1>{{ page.title }}</h1>
{% if page.editpath %}
<p>
- <a href="https://github.com/google/gvisor/edit/master/{{page.editpath}}" target="_blank"><i class="fa fa-edit fa-fw"></i> Edit this page</a>
- <a href="https://github.com/google/gvisor/issues/new?title={{page.title | url_encode}}" target="_blank"><i class="fab fa-github fa-fw"></i> Create issue</a>
+ <a href="https://github.com/google/gvisor/edit/master/{{page.editpath}}" target="_blank" rel="noopener"><i class="fa fa-edit fa-fw"></i> Edit this page</a>
+ <a href="https://github.com/google/gvisor/issues/new?title={{page.title | url_encode}}" target="_blank" rel="noopener"><i class="fab fa-github fa-fw"></i> Create issue</a>
</p>
{% endif %}
<div class="docs-content">
diff --git a/website/blog/2019-11-18-security-basics.md b/website/blog/2019-11-18-security-basics.md
index fbdd511dd..76bbabc13 100644
--- a/website/blog/2019-11-18-security-basics.md
+++ b/website/blog/2019-11-18-security-basics.md
@@ -44,10 +44,10 @@ into it in the next section!
# Design Principles
-gVisor was designed with some
-[common secure design principles](https://www.owasp.org/index.php/Security_by_Design_Principles)
-in mind: Defense-in-Depth, Principle of Least-Privilege, Attack Surface
-Reduction and Secure-by-Default[^1].
+gVisor was designed with some common
+[secure design](https://en.wikipedia.org/wiki/Secure_by_design) principles in
+mind: Defense-in-Depth, Principle of Least-Privilege, Attack Surface Reduction
+and Secure-by-Default[^1].
In general, Design Principles outline good engineering practices, but in the
case of security, they also can be thought of as a set of tactics. In a
@@ -282,16 +282,23 @@ stable.
## Notes
-[^1]: [https://www.owasp.org/index.php/Security_by_Design_Principles](https://www.owasp.org/index.php/Security_by_Design_Principles)
+[^1]: [https://en.wikipedia.org/wiki/Secure_by_design](https://en.wikipedia.org/wiki/Secure_by_design)
[^2]: [https://gvisor.dev/docs/architecture_guide](https://gvisor.dev/docs/architecture_guide/)
[^3]: [https://github.com/google/gvisor/blob/master/pkg/sentry/syscalls/linux/linux64_amd64.go](https://github.com/google/gvisor/blob/master/pkg/sentry/syscalls/syscalls.go)
-[^4]: Internally that is, it doesn't call to the Host OS to implement them, in
- fact that is explicitly disallowed, more on that in the future.
+
+<!-- mdformat off(mdformat formats this into multiple lines) -->
+[^4]: Internally that is, it doesn't call to the Host OS to implement them, in fact that is explicitly disallowed, more on that in the future.
+<!-- mdformat on -->
+
[^5]: [https://elixir.bootlin.com/linux/latest/source/arch/x86/entry/syscalls/syscall_64.tbl#L345](https://elixir.bootlin.com/linux/latest/source/arch/x86/entry/syscalls/syscall_64.tbl#L345)
[^6]: [https://github.com/google/gvisor/tree/master/runsc/boot/filter](https://github.com/google/gvisor/tree/master/runsc/boot/filter)
[^7]: [https://en.wikipedia.org/wiki/Dirty_COW](https://en.wikipedia.org/wiki/Dirty_COW)
[^8]: [https://github.com/google/gvisor/blob/master/runsc/boot/config.go](https://github.com/google/gvisor/blob/master/runsc/boot/config.go)
-[^9]: [https://en.wikipedia.org/wiki/9P_(protocol)](https://en.wikipedia.org/wiki/9P_\(protocol\))
+
+<!-- mdformat off(mdformat breaks this url by escaping the parenthesis) -->
+[^9]: [https://en.wikipedia.org/wiki/9P_(protocol)](https://en.wikipedia.org/wiki/9P_(protocol))
+<!-- mdformat on -->
+
[^10]: [https://gvisor.dev/docs/user_guide/networking/#network-passthrough](https://gvisor.dev/docs/user_guide/networking/#network-passthrough)
[^11]: [https://github.com/google/gvisor/blob/c7e901f47a09eaac56bd4813227edff016fa6bff/pkg/sentry/platform/ptrace/subprocess.go#L390](https://github.com/google/gvisor/blob/c7e901f47a09eaac56bd4813227edff016fa6bff/pkg/sentry/platform/ptrace/subprocess.go#L390)
[^12]: [https://github.com/google/gvisor/blob/c7e901f47a09eaac56bd4813227edff016fa6bff/pkg/sentry/platform/ring0/kernel_amd64.go#L182](https://github.com/google/gvisor/blob/c7e901f47a09eaac56bd4813227edff016fa6bff/pkg/sentry/platform/ring0/kernel_amd64.go#L182)
diff --git a/website/defs.bzl b/website/defs.bzl
index ead6a3067..f52946c15 100644
--- a/website/defs.bzl
+++ b/website/defs.bzl
@@ -1,5 +1,7 @@
"""Wrappers for website documentation."""
+load("//tools:defs.bzl", "short_path")
+
# DocInfo is a provider which simple adds sufficient metadata to the source
# files (and additional data files) so that a jeyll header can be constructed
# dynamically. This is done the via BUILD system so that the plain
@@ -29,7 +31,7 @@ def _doc_impl(ctx):
category = ctx.attr.category,
subcategory = ctx.attr.subcategory,
weight = ctx.attr.weight,
- editpath = ctx.files.src[0].short_path,
+ editpath = short_path(ctx.files.src[0].short_path),
authors = ctx.attr.authors,
),
]
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 12:36:11 +0000