<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="zh">
  <title>Waves&apos; Blog</title>
  <subtitle>Security Blog</subtitle>
  <link rel="self" type="application/atom+xml" href="https://blog.wavespro.net/atom.xml" />
  <link rel="alternate" type="text/html" href="https://blog.wavespro.net/" />
  <id>https://blog.wavespro.net/</id>
  <updated>2026-07-03T00:00:00.000Z</updated>
  <author><name>Waves</name></author>
  <entry>
    <title>GitHub Actions 无密钥部署 Azure：OIDC 联合身份的原理</title>
    <link href="https://blog.wavespro.net/posts/keyless-deploy-with-oidc" />
    <id>https://blog.wavespro.net/posts/keyless-deploy-with-oidc</id>
    <published>2026-07-03T00:00:00.000Z</published>
    <updated>2026-07-03T00:00:00.000Z</updated>
    <summary>这个博客部署到 Azure Static Web Apps 时如何做到 GitHub 端零长效 secret：从 Entra ID 的 workload identity、federated credential 四要素，到 OIDC Discovery 验签、双层 token 与信任边界。</summary>
  </entry>
  <entry>
    <title>View Transitions × Astro Islands：丝滑切页与性能预算</title>
    <link href="https://blog.wavespro.net/posts/view-transitions-and-islands" />
    <id>https://blog.wavespro.net/posts/view-transitions-and-islands</id>
    <published>2026-06-28T00:00:00.000Z</published>
    <updated>2026-06-28T00:00:00.000Z</updated>
    <summary>用浏览器原生 View Transitions API 做跨页动画，配合 Astro Islands 把交互成本压在岛屿内，最终守住 0 JS 默认与首屏 &lt; 50KB 的预算。</summary>
  </entry>
  <entry>
    <title>静态托管上的严格 CSP：踩过的坑与最终方案</title>
    <link href="https://blog.wavespro.net/posts/strict-csp-on-static-hosting" />
    <id>https://blog.wavespro.net/posts/strict-csp-on-static-hosting</id>
    <published>2026-06-24T00:00:00.000Z</published>
    <updated>2026-06-24T00:00:00.000Z</updated>
    <summary>在 Azure Static Web Apps 上落地 script-src &apos;self&apos;，放弃 per-request nonce，权衡 Trusted Types 与 Pagefind，并把所有响应头收进 staticwebapp.config.json。</summary>
  </entry>
  <entry>
    <title>为什么用 Astro 5 搭这个博客</title>
    <link href="https://blog.wavespro.net/posts/hello-astro" />
    <id>https://blog.wavespro.net/posts/hello-astro</id>
    <published>2026-06-20T00:00:00.000Z</published>
    <updated>2026-06-20T00:00:00.000Z</updated>
    <summary>记录这个双语技术博客的技术选型：Astro 5 Islands、零 JS 默认、Tailwind v4 CSS-first，以及为什么不选 Next 或纯静态生成器。</summary>
  </entry>
</feed>
