diff --git a/index.gmi b/index.gmi
new file mode 100644
index 0000000..d0eed0c
--- /dev/null
+++ b/index.gmi
@@ -0,0 +1,22 @@
+# TLS Client Hello Mirror
+
+=> /json/v1 Your browser's TLS Client Hello, reflected as JSON
+
+This test:
+
+* reflects the complete Client Hello message, preserving the order in which TLS parameters and extensions are sent;
+* can be used to check for TLS privacy pitfalls (session resumption, TLS fingerprinting, system time exposure);
+* supports multiple protocols (currently HTTP and Gemini);
+* is free as in freedom and trivial to self-host.
+
+JSON only, for now. The API is largely stable - fields may be added, but existing fields will not be modified or removed. IANA-assigned codes for TLS parameters and extensions are available at:
+
+=> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml TLS parameters
+=> https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml TLS extensions
+
+Note that these lists do not include draft extensions and GREASE values. Missing values will be documented here as the project evolves.
+
+_____________________
+=> https://nervuri.net/ Author: nervuri
+=> https://tildegit.org/nervuri/client-hello-mirror Source (contributions welcome)
+=> https://www.gnu.org/licenses/agpl-3.0.en.html License: AGPL-3.0-or-later
diff --git a/index.html b/index.html
new file mode 100644
index 0000000..95e5668
--- /dev/null
+++ b/index.html
@@ -0,0 +1,62 @@
+
+
+
+
+
+
+TLS Client Hello Mirror
+
+
+
+TLS Client Hello Mirror
+
+
+This test:
+
+
+JSON only, for now, but a UI is on the roadmap.
+The API is largely stable - fields may be added, but existing fields will not be modified or removed. IANA-assigned codes for TLS parameters and extensions are documented at:
+
+Note that these lists do not include draft extensions and GREASE values. Missing values will be documented here as the project evolves.
+
+
+
+
+
diff --git a/server.go b/server.go
index 6827b93..e9336f4 100644
--- a/server.go
+++ b/server.go
@@ -6,6 +6,7 @@ import (
"bufio"
"bytes"
"crypto/tls"
+ _ "embed"
"encoding/binary"
"encoding/json"
"flag"
@@ -42,91 +43,11 @@ func fatalError(err ...any) {
logger.Fatal(err...)
}
-const html = `
-
-
-
-
-
-TLS Client Hello Mirror
-
-
-
-TLS Client Hello Mirror
-
-
-This test:
-
-
-JSON only, for now, but a UI is on the roadmap.
-The API is largely stable - fields may be added, but existing fields will not be modified or removed. IANA-assigned codes for TLS parameters and extensions are documented at:
-
-Note that these lists do not include draft extensions and GREASE values. Missing values will be documented here as the project evolves.
-
-
-
-
-`
+//go:embed index.html
+var html string
-const gemtext = `# TLS Client Hello Mirror
-
-=> /json/v1 Your browser's TLS Client Hello, reflected as JSON
-
-This test:
-
-* reflects the complete Client Hello message, preserving the order in which TLS parameters and extensions are sent;
-* can be used to check for TLS privacy pitfalls (session resumption, TLS fingerprinting, system time exposure);
-* supports multiple protocols (currently HTTP and Gemini);
-* is free as in freedom and trivial to self-host.
-
-JSON only, for now. The API is largely stable - fields may be added, but existing fields will not be modified or removed. IANA-assigned codes for TLS parameters and extensions are available at:
-
-=> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml TLS parameters
-=> https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml TLS extensions
-
-Note that these lists do not include draft extensions and GREASE values. Missing values will be documented here as the project evolves.
-
-_____________________
-=> https://nervuri.net/ Author: nervuri
-=> https://tildegit.org/nervuri/client-hello-mirror Source (contributions welcome)
-=> https://www.gnu.org/licenses/agpl-3.0.en.html License: AGPL-3.0-or-later`
+//go:embed index.gmi
+var gemtext string
// Copy the Client Hello message before starting the TLS handshake.
func peek(conn net.Conn, tlsConfig *tls.Config) {