Alchemy

SEO fixes applied

This is the changelog for the Screaming Frog issue cleanup.

Done in code

• Page titles lengthened past 30 chars: about.html, privacy.html, terms.html, journal/index.html (also differentiated from H1).
• seo_title added to _posts/2026-02-22-vermouth-is-wine-and-that-changes-everything.md and _posts/2026-02-16-dry-shake-cocktails-egg-whites.md.
• Page titles shortened below 60 chars on _posts/2026-02-28-the-hurricane-cocktail-new-orleans-history.md, _posts/2026-05-01-boston-shaker-vs-cobbler-shaker.md, _posts/2026-03-16-the-vieux-carre-cocktail.md.
• Meta descriptions shortened on faq.html, vermouth, penicillin, boston-shaker, and vieux-carré posts.
• H2 missing on faq.html: added “Common Questions about Alchemy” subheading.
• Image width/height attributes added to every <img> in the site:
  • All HTML pages (index.html, about.html, faq.html, privacy.html, terms.html, journal/index.html).
  • Both layouts (_layouts/post.html, _layouts/post-editorial.html) — hero uses new image_width / image_height front-matter with sensible 1600×900 fallback.
  • Every <img> inside _posts/*.md body content (30 images across 11 posts).
  • image_width / image_height added to the front matter of every post for the hero.
• <meta name="referrer" content="strict-origin-when-cross-origin"> added to every page’s head.

Skipped — false positives

• H2: Multiple (16 URLs) — informational only; multiple H2s are valid HTML.
• Canonicals: Canonicalised — /index.html correctly canonicalises to /. /blog/ correctly canonicalises to /journal/ (it’s a redirect page).
• Internal Outlinks With No Anchor Text — exported CSV had only the header row.

Outstanding — needs hosting / asset work

Security headers (still flagged after the meta-tag change)

GitHub Pages cannot set HTTP response headers, so these need the host (Cloudflare in front of alchemycocktails.app). Add the following as a Transform Rule → Modify Response Header (or in _headers if you migrate to Cloudflare Pages / Netlify):

X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://www.gstatic.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://www.google-analytics.com; connect-src 'self' https://www.google-analytics.com https://*.firebaseio.com https://*.firebasedatabase.app https://cloudflareinsights.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self' https://app.us9.list-manage.com

Notes on the CSP:

• script-src allows GTM/GA, Firebase compat SDK on gstatic.com, plus inline scripts (the GTM bootstrap is inline).
• connect-src covers GA + Firebase Realtime Database (used for like counts on the journal).
• form-action allows the Mailchimp launch-promo form on index.html.
• Test on a staging hostname before rolling out — CSP is the easiest way to break a site.

The meta-tag Referrer-Policy already in <head> will satisfy the Screaming Frog check even without the header, but configure both for belt-and-braces.

Images over 100 KB (40 URLs)

Worst offenders (PNG sources still in assets/, sizes from disk):

File	Size	Recommendation
assets/screenshots/ipad/iPad-Party-Mode-Landscape.png	6.2 MB	Convert to WebP at 1500×1125 (you already use the .webp variant on the page). Delete the .png if unused.
assets/screenshots/ipad/iPad-Party-Mode.png	6.1 MB	Same.
assets/screenshots/ipad/iPad-Party-Mode-Detail.png	5.0 MB	Same.
assets/screenshots/ipad/iPad-My-Bar-Filled.png	3.8 MB	Convert / drop.
assets/screenshots/iphone/*.png (multiple, 1–3 MB)	up to 3.0 MB	Convert all to WebP at 900×1956 display size.
assets/blog/*-hero.png (vieux-carré, hurricane, dry-shake-technique, penicillin, what-is-amaro, vermouth-martini)	1.0–1.9 MB	You already have .webp counterparts; remove the .png originals and update any remaining links.
assets/images/paul-de-halle.png	2.2 MB	Site uses the .webp; safe to delete the .png.
assets/images/marketing/*.png	0.9–2.3 MB	Marketing/social — out of crawl scope, but still costs repo size.

The Screaming Frog list also flags WebPs in the 200–500 KB range. Those are mostly fine for hero photos but you can trim 30–50% by re-encoding at quality 75–80 and resizing to actual display widths. I didn’t run any image tooling here — needs your authorization since it rewrites assets. When you’re ready, the simplest cmd is:

brew install cwebp jpegoptim
# example: re-encode a hero at q75 capped to 1600px wide
cwebp -q 75 -resize 1600 0 input.png -o output.webp

Then run a follow-up Screaming Frog crawl to confirm.