I need to be able to inject custom HTML into the
<head> tag of my Obsidian Publish site, in such a way that simple scrapers can scan it. The immediate use-case is to verify my domain on my Mastodon profile (which uses a
<link> tag to prove ownership), but further use cases are typical of anything you’d normally do in
- Add my own opengraph tags to customize social embedding
- Add my own analytics tags
- Add other forms of proof-of-ownership
tl;dr: publish.css, but head.html
I can publish custom CSS and JS by adding publish.css/publish.js files to the root of my vault. If I could write a publish.html or head.html file in a similar way, and just have that raw content injected before the
</head> tag, that’d solve it.
From a security standpoint, it doesn’t seem like this would expand the existing attack surface area that is publish.js, given that I could (probably) write my own malicious script that takes over my site and loads something else in its place - unless there’s some strong filtering that’s happening after the file is published!