diff options
Diffstat (limited to 'webapp/vendor/html5-boilerplate-4.3.0/.htaccess')
-rwxr-xr-x | webapp/vendor/html5-boilerplate-4.3.0/.htaccess | 551 |
1 files changed, 551 insertions, 0 deletions
diff --git a/webapp/vendor/html5-boilerplate-4.3.0/.htaccess b/webapp/vendor/html5-boilerplate-4.3.0/.htaccess new file mode 100755 index 0000000..6861ada --- /dev/null +++ b/webapp/vendor/html5-boilerplate-4.3.0/.htaccess | |||
@@ -0,0 +1,551 @@ | |||
1 | # Apache Server Configs v1.1.0 | MIT License | ||
2 | # https://github.com/h5bp/server-configs-apache | ||
3 | |||
4 | # (!) Using `.htaccess` files slows down Apache, therefore, if you have access | ||
5 | # to the main server config file (usually called `httpd.conf`), you should add | ||
6 | # this logic there: http://httpd.apache.org/docs/current/howto/htaccess.html. | ||
7 | |||
8 | # ############################################################################## | ||
9 | # # CROSS-ORIGIN RESOURCE SHARING (CORS) # | ||
10 | # ############################################################################## | ||
11 | |||
12 | # ------------------------------------------------------------------------------ | ||
13 | # | Cross-domain AJAX requests | | ||
14 | # ------------------------------------------------------------------------------ | ||
15 | |||
16 | # Enable cross-origin AJAX requests. | ||
17 | # http://code.google.com/p/html5security/wiki/CrossOriginRequestSecurity | ||
18 | # http://enable-cors.org/ | ||
19 | |||
20 | # <IfModule mod_headers.c> | ||
21 | # Header set Access-Control-Allow-Origin "*" | ||
22 | # </IfModule> | ||
23 | |||
24 | # ------------------------------------------------------------------------------ | ||
25 | # | CORS-enabled images | | ||
26 | # ------------------------------------------------------------------------------ | ||
27 | |||
28 | # Send the CORS header for images when browsers request it. | ||
29 | # https://developer.mozilla.org/en/CORS_Enabled_Image | ||
30 | # http://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html | ||
31 | # http://hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/ | ||
32 | |||
33 | <IfModule mod_setenvif.c> | ||
34 | <IfModule mod_headers.c> | ||
35 | <FilesMatch "\.(gif|ico|jpe?g|png|svgz?|webp)$"> | ||
36 | SetEnvIf Origin ":" IS_CORS | ||
37 | Header set Access-Control-Allow-Origin "*" env=IS_CORS | ||
38 | </FilesMatch> | ||
39 | </IfModule> | ||
40 | </IfModule> | ||
41 | |||
42 | # ------------------------------------------------------------------------------ | ||
43 | # | Web fonts access | | ||
44 | # ------------------------------------------------------------------------------ | ||
45 | |||
46 | # Allow access from all domains for web fonts | ||
47 | |||
48 | <IfModule mod_headers.c> | ||
49 | <FilesMatch "\.(eot|font.css|otf|ttc|ttf|woff)$"> | ||
50 | Header set Access-Control-Allow-Origin "*" | ||
51 | </FilesMatch> | ||
52 | </IfModule> | ||
53 | |||
54 | |||
55 | # ############################################################################## | ||
56 | # # ERRORS # | ||
57 | # ############################################################################## | ||
58 | |||
59 | # ------------------------------------------------------------------------------ | ||
60 | # | 404 error prevention for non-existing redirected folders | | ||
61 | # ------------------------------------------------------------------------------ | ||
62 | |||
63 | # Prevent Apache from returning a 404 error for a rewrite if a directory | ||
64 | # with the same name does not exist. | ||
65 | # http://httpd.apache.org/docs/current/content-negotiation.html#multiviews | ||
66 | # http://www.webmasterworld.com/apache/3808792.htm | ||
67 | |||
68 | Options -MultiViews | ||
69 | |||
70 | # ------------------------------------------------------------------------------ | ||
71 | # | Custom error messages / pages | | ||
72 | # ------------------------------------------------------------------------------ | ||
73 | |||
74 | # You can customize what Apache returns to the client in case of an error (see | ||
75 | # http://httpd.apache.org/docs/current/mod/core.html#errordocument), e.g.: | ||
76 | |||
77 | ErrorDocument 404 /404.html | ||
78 | |||
79 | |||
80 | # ############################################################################## | ||
81 | # # INTERNET EXPLORER # | ||
82 | # ############################################################################## | ||
83 | |||
84 | # ------------------------------------------------------------------------------ | ||
85 | # | Better website experience | | ||
86 | # ------------------------------------------------------------------------------ | ||
87 | |||
88 | # Force IE to render pages in the highest available mode in the various | ||
89 | # cases when it may not: http://hsivonen.iki.fi/doctype/ie-mode.pdf. | ||
90 | |||
91 | <IfModule mod_headers.c> | ||
92 | Header set X-UA-Compatible "IE=edge" | ||
93 | # `mod_headers` can't match based on the content-type, however, we only | ||
94 | # want to send this header for HTML pages and not for the other resources | ||
95 | <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svgz?|ttf|vcf|webapp|webm|webp|woff|xml|xpi)$"> | ||
96 | Header unset X-UA-Compatible | ||
97 | </FilesMatch> | ||
98 | </IfModule> | ||
99 | |||
100 | # ------------------------------------------------------------------------------ | ||
101 | # | Cookie setting from iframes | | ||
102 | # ------------------------------------------------------------------------------ | ||
103 | |||
104 | # Allow cookies to be set from iframes in IE. | ||
105 | |||
106 | # <IfModule mod_headers.c> | ||
107 | # Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"" | ||
108 | # </IfModule> | ||
109 | |||
110 | # ------------------------------------------------------------------------------ | ||
111 | # | Screen flicker | | ||
112 | # ------------------------------------------------------------------------------ | ||
113 | |||
114 | # Stop screen flicker in IE on CSS rollovers (this only works in | ||
115 | # combination with the `ExpiresByType` directives for images from below). | ||
116 | |||
117 | # BrowserMatch "MSIE" brokenvary=1 | ||
118 | # BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1 | ||
119 | # BrowserMatch "Opera" !brokenvary | ||
120 | # SetEnvIf brokenvary 1 force-no-vary | ||
121 | |||
122 | |||
123 | # ############################################################################## | ||
124 | # # MIME TYPES AND ENCODING # | ||
125 | # ############################################################################## | ||
126 | |||
127 | # ------------------------------------------------------------------------------ | ||
128 | # | Proper MIME types for all files | | ||
129 | # ------------------------------------------------------------------------------ | ||
130 | |||
131 | <IfModule mod_mime.c> | ||
132 | |||
133 | # Audio | ||
134 | AddType audio/mp4 m4a f4a f4b | ||
135 | AddType audio/ogg oga ogg | ||
136 | |||
137 | # JavaScript | ||
138 | # Normalize to standard type (it's sniffed in IE anyways): | ||
139 | # http://tools.ietf.org/html/rfc4329#section-7.2 | ||
140 | AddType application/javascript js | ||
141 | AddType application/json json | ||
142 | |||
143 | # Video | ||
144 | AddType video/mp4 mp4 m4v f4v f4p | ||
145 | AddType video/ogg ogv | ||
146 | AddType video/webm webm | ||
147 | AddType video/x-flv flv | ||
148 | |||
149 | # Web fonts | ||
150 | AddType application/font-woff woff | ||
151 | AddType application/vnd.ms-fontobject eot | ||
152 | |||
153 | # Browsers usually ignore the font MIME types and sniff the content, | ||
154 | # however, Chrome shows a warning if other MIME types are used for the | ||
155 | # following fonts. | ||
156 | AddType application/x-font-ttf ttc ttf | ||
157 | AddType font/opentype otf | ||
158 | |||
159 | # Make SVGZ fonts work on iPad: | ||
160 | # https://twitter.com/FontSquirrel/status/14855840545 | ||
161 | AddType image/svg+xml svg svgz | ||
162 | AddEncoding gzip svgz | ||
163 | |||
164 | # Other | ||
165 | AddType application/octet-stream safariextz | ||
166 | AddType application/x-chrome-extension crx | ||
167 | AddType application/x-opera-extension oex | ||
168 | AddType application/x-shockwave-flash swf | ||
169 | AddType application/x-web-app-manifest+json webapp | ||
170 | AddType application/x-xpinstall xpi | ||
171 | AddType application/xml atom rdf rss xml | ||
172 | AddType image/webp webp | ||
173 | AddType image/x-icon ico | ||
174 | AddType text/cache-manifest appcache manifest | ||
175 | AddType text/vtt vtt | ||
176 | AddType text/x-component htc | ||
177 | AddType text/x-vcard vcf | ||
178 | |||
179 | </IfModule> | ||
180 | |||
181 | # ------------------------------------------------------------------------------ | ||
182 | # | UTF-8 encoding | | ||
183 | # ------------------------------------------------------------------------------ | ||
184 | |||
185 | # Use UTF-8 encoding for anything served as `text/html` or `text/plain`. | ||
186 | AddDefaultCharset utf-8 | ||
187 | |||
188 | # Force UTF-8 for certain file formats. | ||
189 | <IfModule mod_mime.c> | ||
190 | AddCharset utf-8 .atom .css .js .json .rss .vtt .webapp .xml | ||
191 | </IfModule> | ||
192 | |||
193 | |||
194 | # ############################################################################## | ||
195 | # # URL REWRITES # | ||
196 | # ############################################################################## | ||
197 | |||
198 | # ------------------------------------------------------------------------------ | ||
199 | # | Rewrite engine | | ||
200 | # ------------------------------------------------------------------------------ | ||
201 | |||
202 | # Turning on the rewrite engine and enabling the `FollowSymLinks` option is | ||
203 | # necessary for the following directives to work. | ||
204 | |||
205 | # If your web host doesn't allow the `FollowSymlinks` option, you may need to | ||
206 | # comment it out and use `Options +SymLinksIfOwnerMatch` but, be aware of the | ||
207 | # performance impact: http://httpd.apache.org/docs/current/misc/perf-tuning.html#symlinks | ||
208 | |||
209 | # Also, some cloud hosting services require `RewriteBase` to be set: | ||
210 | # http://www.rackspace.com/knowledge_center/frequently-asked-question/why-is-mod-rewrite-not-working-on-my-site | ||
211 | |||
212 | <IfModule mod_rewrite.c> | ||
213 | Options +FollowSymlinks | ||
214 | # Options +SymLinksIfOwnerMatch | ||
215 | RewriteEngine On | ||
216 | # RewriteBase / | ||
217 | </IfModule> | ||
218 | |||
219 | # ------------------------------------------------------------------------------ | ||
220 | # | Suppressing / Forcing the "www." at the beginning of URLs | | ||
221 | # ------------------------------------------------------------------------------ | ||
222 | |||
223 | # The same content should never be available under two different URLs especially | ||
224 | # not with and without "www." at the beginning. This can cause SEO problems | ||
225 | # (duplicate content), therefore, you should choose one of the alternatives and | ||
226 | # redirect the other one. | ||
227 | |||
228 | # By default option 1 (no "www.") is activated: | ||
229 | # http://no-www.org/faq.php?q=class_b | ||
230 | |||
231 | # If you'd prefer to use option 2, just comment out all the lines from option 1 | ||
232 | # and uncomment the ones from option 2. | ||
233 | |||
234 | # IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME! | ||
235 | |||
236 | # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
237 | |||
238 | # Option 1: rewrite www.example.com → example.com | ||
239 | |||
240 | <IfModule mod_rewrite.c> | ||
241 | RewriteCond %{HTTPS} !=on | ||
242 | RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] | ||
243 | RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L] | ||
244 | </IfModule> | ||
245 | |||
246 | # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
247 | |||
248 | # Option 2: rewrite example.com → www.example.com | ||
249 | |||
250 | # Be aware that the following might not be a good idea if you use "real" | ||
251 | # subdomains for certain parts of your website. | ||
252 | |||
253 | # <IfModule mod_rewrite.c> | ||
254 | # RewriteCond %{HTTPS} !=on | ||
255 | # RewriteCond %{HTTP_HOST} !^www\..+$ [NC] | ||
256 | # RewriteCond %{HTTP_HOST} !=localhost [NC] | ||
257 | # RewriteCond %{HTTP_HOST} !=127.0.0.1 | ||
258 | # RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L] | ||
259 | # </IfModule> | ||
260 | |||
261 | |||
262 | # ############################################################################## | ||
263 | # # SECURITY # | ||
264 | # ############################################################################## | ||
265 | |||
266 | # ------------------------------------------------------------------------------ | ||
267 | # | Content Security Policy (CSP) | | ||
268 | # ------------------------------------------------------------------------------ | ||
269 | |||
270 | # You can mitigate the risk of cross-site scripting and other content-injection | ||
271 | # attacks by setting a Content Security Policy which whitelists trusted sources | ||
272 | # of content for your site. | ||
273 | |||
274 | # The example header below allows ONLY scripts that are loaded from the current | ||
275 | # site's origin (no inline scripts, no CDN, etc). This almost certainly won't | ||
276 | # work as-is for your site! | ||
277 | |||
278 | # To get all the details you'll need to craft a reasonable policy for your site, | ||
279 | # read: http://html5rocks.com/en/tutorials/security/content-security-policy (or | ||
280 | # see the specification: http://w3.org/TR/CSP). | ||
281 | |||
282 | # <IfModule mod_headers.c> | ||
283 | # Header set Content-Security-Policy "script-src 'self'; object-src 'self'" | ||
284 | # <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svgz?|ttf|vcf|webapp|webm|webp|woff|xml|xpi)$"> | ||
285 | # Header unset Content-Security-Policy | ||
286 | # </FilesMatch> | ||
287 | # </IfModule> | ||
288 | |||
289 | # ------------------------------------------------------------------------------ | ||
290 | # | File access | | ||
291 | # ------------------------------------------------------------------------------ | ||
292 | |||
293 | # Block access to directories without a default document. | ||
294 | # Usually you should leave this uncommented because you shouldn't allow anyone | ||
295 | # to surf through every directory on your server (which may includes rather | ||
296 | # private places like the CMS's directories). | ||
297 | |||
298 | <IfModule mod_autoindex.c> | ||
299 | Options -Indexes | ||
300 | </IfModule> | ||
301 | |||
302 | # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
303 | |||
304 | # Block access to hidden files and directories. | ||
305 | # This includes directories used by version control systems such as Git and SVN. | ||
306 | |||
307 | <IfModule mod_rewrite.c> | ||
308 | RewriteCond %{SCRIPT_FILENAME} -d [OR] | ||
309 | RewriteCond %{SCRIPT_FILENAME} -f | ||
310 | RewriteRule "(^|/)\." - [F] | ||
311 | </IfModule> | ||
312 | |||
313 | # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
314 | |||
315 | # Block access to backup and source files. | ||
316 | # These files may be left by some text editors and can pose a great security | ||
317 | # danger when anyone has access to them. | ||
318 | |||
319 | <FilesMatch "(^#.*#|\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|sw[op])|~)$"> | ||
320 | Order allow,deny | ||
321 | Deny from all | ||
322 | Satisfy All | ||
323 | </FilesMatch> | ||
324 | |||
325 | # ------------------------------------------------------------------------------ | ||
326 | # | Secure Sockets Layer (SSL) | | ||
327 | # ------------------------------------------------------------------------------ | ||
328 | |||
329 | # Rewrite secure requests properly to prevent SSL certificate warnings, e.g.: | ||
330 | # prevent `https://www.example.com` when your certificate only allows | ||
331 | # `https://secure.example.com`. | ||
332 | |||
333 | # <IfModule mod_rewrite.c> | ||
334 | # RewriteCond %{SERVER_PORT} !^443 | ||
335 | # RewriteRule ^ https://example-domain-please-change-me.com%{REQUEST_URI} [R=301,L] | ||
336 | # </IfModule> | ||
337 | |||
338 | # ------------------------------------------------------------------------------ | ||
339 | # | HTTP Strict Transport Security (HSTS) | | ||
340 | # ------------------------------------------------------------------------------ | ||
341 | |||
342 | # Force client-side SSL redirection. | ||
343 | |||
344 | # If a user types "example.com" in his browser, the above rule will redirect | ||
345 | # him to the secure version of the site. That still leaves a window of oppor- | ||
346 | # tunity (the initial HTTP connection) for an attacker to downgrade or redirect | ||
347 | # the request. The following header ensures that browser will ONLY connect to | ||
348 | # your server via HTTPS, regardless of what the users type in the address bar. | ||
349 | # http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-14#section-6.1 | ||
350 | # http://www.html5rocks.com/en/tutorials/security/transport-layer-security/ | ||
351 | |||
352 | # (!) Remove the `includeSubDomains` optional directive if the subdomains are | ||
353 | # not using HTTPS. | ||
354 | |||
355 | # <IfModule mod_headers.c> | ||
356 | # Header set Strict-Transport-Security "max-age=16070400; includeSubDomains" | ||
357 | # </IfModule> | ||
358 | |||
359 | # ------------------------------------------------------------------------------ | ||
360 | # | Server software information | | ||
361 | # ------------------------------------------------------------------------------ | ||
362 | |||
363 | # Avoid displaying the exact Apache version number, the description of the | ||
364 | # generic OS-type and the information about Apache's compiled-in modules. | ||
365 | |||
366 | # ADD THIS DIRECTIVE IN THE `httpd.conf` AS IT WILL NOT WORK IN THE `.htaccess`! | ||
367 | |||
368 | # ServerTokens Prod | ||
369 | |||
370 | |||
371 | # ############################################################################## | ||
372 | # # WEB PERFORMANCE # | ||
373 | # ############################################################################## | ||
374 | |||
375 | # ------------------------------------------------------------------------------ | ||
376 | # | Compression | | ||
377 | # ------------------------------------------------------------------------------ | ||
378 | |||
379 | <IfModule mod_deflate.c> | ||
380 | |||
381 | # Force compression for mangled headers. | ||
382 | # http://developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping | ||
383 | <IfModule mod_setenvif.c> | ||
384 | <IfModule mod_headers.c> | ||
385 | SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding | ||
386 | RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding | ||
387 | </IfModule> | ||
388 | </IfModule> | ||
389 | |||
390 | # Compress all output labeled with one of the following MIME-types | ||
391 | # (for Apache versions below 2.3.7, you don't need to enable `mod_filter` | ||
392 | # and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines | ||
393 | # as `AddOutputFilterByType` is still in the core directives). | ||
394 | <IfModule mod_filter.c> | ||
395 | AddOutputFilterByType DEFLATE application/atom+xml \ | ||
396 | application/javascript \ | ||
397 | application/json \ | ||
398 | application/rss+xml \ | ||
399 | application/vnd.ms-fontobject \ | ||
400 | application/x-font-ttf \ | ||
401 | application/x-web-app-manifest+json \ | ||
402 | application/xhtml+xml \ | ||
403 | application/xml \ | ||
404 | font/opentype \ | ||
405 | image/svg+xml \ | ||
406 | image/x-icon \ | ||
407 | text/css \ | ||
408 | text/html \ | ||
409 | text/plain \ | ||
410 | text/x-component \ | ||
411 | text/xml | ||
412 | </IfModule> | ||
413 | |||
414 | </IfModule> | ||
415 | |||
416 | # ------------------------------------------------------------------------------ | ||
417 | # | Content transformations | | ||
418 | # ------------------------------------------------------------------------------ | ||
419 | |||
420 | # Prevent some of the mobile network providers from modifying the content of | ||
421 | # your site: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.5. | ||
422 | |||
423 | # <IfModule mod_headers.c> | ||
424 | # Header set Cache-Control "no-transform" | ||
425 | # </IfModule> | ||
426 | |||
427 | # ------------------------------------------------------------------------------ | ||
428 | # | ETag removal | | ||
429 | # ------------------------------------------------------------------------------ | ||
430 | |||
431 | # Since we're sending far-future expires headers (see below), ETags can | ||
432 | # be removed: http://developer.yahoo.com/performance/rules.html#etags. | ||
433 | |||
434 | # `FileETag None` is not enough for every server. | ||
435 | <IfModule mod_headers.c> | ||
436 | Header unset ETag | ||
437 | </IfModule> | ||
438 | |||
439 | FileETag None | ||
440 | |||
441 | # ------------------------------------------------------------------------------ | ||
442 | # | Expires headers (for better cache control) | | ||
443 | # ------------------------------------------------------------------------------ | ||
444 | |||
445 | # The following expires headers are set pretty far in the future. If you don't | ||
446 | # control versioning with filename-based cache busting, consider lowering the | ||
447 | # cache time for resources like CSS and JS to something like 1 week. | ||
448 | |||
449 | <IfModule mod_expires.c> | ||
450 | |||
451 | ExpiresActive on | ||
452 | ExpiresDefault "access plus 1 month" | ||
453 | |||
454 | # CSS | ||
455 | ExpiresByType text/css "access plus 1 year" | ||
456 | |||
457 | # Data interchange | ||
458 | ExpiresByType application/json "access plus 0 seconds" | ||
459 | ExpiresByType application/xml "access plus 0 seconds" | ||
460 | ExpiresByType text/xml "access plus 0 seconds" | ||
461 | |||
462 | # Favicon (cannot be renamed!) | ||
463 | ExpiresByType image/x-icon "access plus 1 week" | ||
464 | |||
465 | # HTML components (HTCs) | ||
466 | ExpiresByType text/x-component "access plus 1 month" | ||
467 | |||
468 | # HTML | ||
469 | ExpiresByType text/html "access plus 0 seconds" | ||
470 | |||
471 | # JavaScript | ||
472 | ExpiresByType application/javascript "access plus 1 year" | ||
473 | |||
474 | # Manifest files | ||
475 | ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds" | ||
476 | ExpiresByType text/cache-manifest "access plus 0 seconds" | ||
477 | |||
478 | # Media | ||
479 | ExpiresByType audio/ogg "access plus 1 month" | ||
480 | ExpiresByType image/gif "access plus 1 month" | ||
481 | ExpiresByType image/jpeg "access plus 1 month" | ||
482 | ExpiresByType image/png "access plus 1 month" | ||
483 | ExpiresByType video/mp4 "access plus 1 month" | ||
484 | ExpiresByType video/ogg "access plus 1 month" | ||
485 | ExpiresByType video/webm "access plus 1 month" | ||
486 | |||
487 | # Web feeds | ||
488 | ExpiresByType application/atom+xml "access plus 1 hour" | ||
489 | ExpiresByType application/rss+xml "access plus 1 hour" | ||
490 | |||
491 | # Web fonts | ||
492 | ExpiresByType application/font-woff "access plus 1 month" | ||
493 | ExpiresByType application/vnd.ms-fontobject "access plus 1 month" | ||
494 | ExpiresByType application/x-font-ttf "access plus 1 month" | ||
495 | ExpiresByType font/opentype "access plus 1 month" | ||
496 | ExpiresByType image/svg+xml "access plus 1 month" | ||
497 | |||
498 | </IfModule> | ||
499 | |||
500 | # ------------------------------------------------------------------------------ | ||
501 | # | Filename-based cache busting | | ||
502 | # ------------------------------------------------------------------------------ | ||
503 | |||
504 | # If you're not using a build process to manage your filename version revving, | ||
505 | # you might want to consider enabling the following directives to route all | ||
506 | # requests such as `/css/style.12345.css` to `/css/style.css`. | ||
507 | |||
508 | # To understand why this is important and a better idea than `*.css?v231`, read: | ||
509 | # http://stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring | ||
510 | |||
511 | # <IfModule mod_rewrite.c> | ||
512 | # RewriteCond %{REQUEST_FILENAME} !-f | ||
513 | # RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L] | ||
514 | # </IfModule> | ||
515 | |||
516 | # ------------------------------------------------------------------------------ | ||
517 | # | File concatenation | | ||
518 | # ------------------------------------------------------------------------------ | ||
519 | |||
520 | # Allow concatenation from within specific CSS and JS files, e.g.: | ||
521 | # Inside of `script.combined.js` you could have | ||
522 | # <!--#include file="libs/jquery.js" --> | ||
523 | # <!--#include file="plugins/jquery.idletimer.js" --> | ||
524 | # and they would be included into this single file. | ||
525 | |||
526 | # <IfModule mod_include.c> | ||
527 | # <FilesMatch "\.combined\.js$"> | ||
528 | # Options +Includes | ||
529 | # AddOutputFilterByType INCLUDES application/javascript application/json | ||
530 | # SetOutputFilter INCLUDES | ||
531 | # </FilesMatch> | ||
532 | # <FilesMatch "\.combined\.css$"> | ||
533 | # Options +Includes | ||
534 | # AddOutputFilterByType INCLUDES text/css | ||
535 | # SetOutputFilter INCLUDES | ||
536 | # </FilesMatch> | ||
537 | # </IfModule> | ||
538 | |||
539 | # ------------------------------------------------------------------------------ | ||
540 | # | Persistent connections | | ||
541 | # ------------------------------------------------------------------------------ | ||
542 | |||
543 | # Allow multiple requests to be sent over the same TCP connection: | ||
544 | # http://httpd.apache.org/docs/current/en/mod/core.html#keepalive. | ||
545 | |||
546 | # Enable if you serve a lot of static content but, be aware of the | ||
547 | # possible disadvantages! | ||
548 | |||
549 | # <IfModule mod_headers.c> | ||
550 | # Header set Connection Keep-Alive | ||
551 | # </IfModule> | ||