- Darken #179e83 -> #148069 for backgrounds with white text (3.36->4.86:1)
- Darken #148a72 -> #148069 for green text on white (4.27->4.86:1)
- Darken trust-heading #6c757d -> #5c6370 on #f8f9fa (4.45->5.73:1)
- Switch #00cc66 bg elements (sticky CTA btn, case-study metric) to dark text
- Fix .btn:link color: inherit -> white (was inheriting body #333 instead of white)
- Add .btn:hover lift/shadow for bare .btn class
- cursor: default on body (stops I-beam appearing on non-interactive text)
- cro-enhancements: add role=complementary + aria-label to sticky CTA bar
- Hide Apache version (ServerTokens Prod)
- Add Permissions-Policy header
- Remove deprecated X-XSS-Protection
- Consolidate security headers to .htaccess only (remove duplicates from PHP)
- Deploy free tools: robots-analyzer, data-converter
- Deploy tools announcement blog post
- Update sitemap with new tools and blog post
- Fix color contrast: change #179e83 to #148069 for WCAG AA compliance
- Add ARIA attributes to mobile nav toggle (aria-expanded, aria-controls)
- Implement focus trap on mobile menu with Escape key support
- Add aria-hidden to decorative hero SVG
- Add ARIA validation to contact form (aria-invalid, aria-describedby)
- Fix touch target sizes (notification close button 48x48px)
- Fix form session expiration by relaxing timestamp validation
- Add cache busting (v1.1.0) to JS/CSS files
- Update service worker cache version to force refresh
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The minified JS was out of sync with the source file, missing the
grecaptcha integration, XMLHttpRequest header, and interaction token
that the server-side handler requires.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix JavaScript syntax errors preventing form submission
- Update reCAPTCHA configuration with working test keys
- Restore comprehensive spam protection (reCAPTCHA v3, AJAX validation, rate limiting)
- Switch from minified to source JS file to apply critical fixes
- Add missing security headers and form validation
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add region1.google-analytics.com to CSP headers in index.php and blog articles
- Fix manifest.json icon purpose warning by changing to "any"
- Add mobile-web-app-capable meta tag for mobile compatibility
- Revert CSS files to stable version from commit 5558f53 to resolve hero section animation issues
- Remove spam protection code that was causing layout problems
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
