From 532a91bf1374feb48e4422cce25ec26ff4eec36b Mon Sep 17 00:00:00 2001
From: Julien Jorry <julien.jorry@gmail.com>
Date: Mon, 3 May 2021 12:26:27 +0200
Subject: [PATCH] Stephan upgrade : .htaccess update : cache, access, xss...

---
 public/.htaccess | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 67 insertions(+), 1 deletion(-)

diff --git a/public/.htaccess b/public/.htaccess
index 888534f..5a57ce1 100644
--- a/public/.htaccess
+++ b/public/.htaccess
@@ -11,4 +11,70 @@
     </IfModule>
 </IfModule>
 SetOutputFilter DEFLATE
-AddOutputFilterByType DEFLATE "application/atom+xml" "application/javascript" "application/json" "application/ld+json" "application/manifest+json" "application/rdf+xml" "application/rss+xml" "application/schema+json" "application/vnd.geo+json" "application/vnd.ms-fontobject" "application/x-font-ttf" "application/x-javascript" "application/x-web-app-manifest+json" "application/xhtml+xml" "application/xml" "font/eot" "font/opentype" "image/bmp" "image/svg+xml" "image/vnd.microsoft.icon" "image/x-icon" "text/cache-manifest" "text/css" "text/html" "text/javascript" "text/plain" "text/vcard" "text/vnd.rim.location.xloc" "text/vtt" "text/x-component" "text/x-cross-domain-policy" "text/xml"
+AddOutputFilterByType DEFLATE "application/atom+xml" "application/javascript" "application/json" "application/ld+json" "application/manifest+json" "application/rdf+xml" "application/rss+xml" "application/schema+json" "application/vnd.geo+json" "application/vnd.ms-fontobject" "application/x-font-ttf" "application/x-javascript" "application/x-web-app-manifest+json" "application/xhtml+xml" "application/xml" "font/eot" "font/opentype" "image/bmp" "image/svg+xml" "image/vnd.microsoft.icon" "image/x-icon" "text/cache-manifest" "text/css" "text/html" "text/javascript" "text/plain" "text/vcard" "text/vnd.rim.location.xloc" "text/vtt" "text/x-component" "text/x-cross-domain-policy" "text/xml" "application/x-font-woff" "application/x-font-woff2" "font/woff" "font/woff2"
+
+
+Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+Header set X-Content-Type-Options "nosniff"
+Header set X-Content-Security-Policy "allow 'self';"
+Header set Content-Security-Policy "upgrade-insecure-requests"
+
+Header set X-XSS-Protection "1; mode=block"
+Header set X-Frame-Options SAMEORIGIN
+Header always edit Set-Cookie (.*) "$1; HTTPOnly; Secure"
+
+ AddType image/x-icon .ico
+ AddType application/x-web-app-manifest+json .webapp
+ AddType font/ttf .ttf
+ AddType font/otf .otf
+ AddType font/woff .woff
+ AddType font/woff2 .woff2
+
+<IfModule mod_expires.c>
+ ExpiresActive On
+ ExpiresDefault "access plus 7200 seconds"
+ ExpiresByType image/jpg "access plus 1 month"
+ ExpiresByType image/jpeg "access plus 1 month"
+ ExpiresByType image/png "access plus 1 month"
+ ExpiresByType image/gif "access plus 1 month"
+ ExpiresByType image/ico "access plus 1 month"
+ ExpiresByType image/icon "access plus 1 month"
+ ExpiresByType image/x-icon "access plus 1 month"
+ ExpiresByType text/css "access plus 1 month"
+ ExpiresByType text/javascript "access plus 1 month"
+ ExpiresByType text/x-javascript "access plus 1 month"
+ ExpiresByType text/html "access plus 7200 seconds"
+ ExpiresByType application/xhtml+xml "access plus 7200 seconds"
+ ExpiresByType application/javascript "access plus 1 month"
+ ExpiresByType application/x-javascript "access plus 1 month"
+
+ ExpiresByType application/x-font-ttf "access plus 1 year"
+ ExpiresByType font/opentype "access plus 1 year"
+   
+ ExpiresByType font/woff  "access plus 1 year"
+ ExpiresByType application/font-woff  "access plus 1 year"
+ ExpiresByType application/x-font-woff "access plus 1 year"
+
+ ExpiresByType font/woff2  "access plus 1 year"
+ ExpiresByType application/font-woff2  "access plus 1 year"
+ ExpiresByType application/x-font-woff2  "access plus 1 year"
+</IfModule>
+
+
+<IfModule mod_headers.c>
+ <FilesMatch "\.(ico|jpg|png|gif|css)$">
+ Header set Cache-Control "max-age=2592000, public"
+ </FilesMatch>
+ <FilesMatch "\.(css|js)$">
+ Header set Cache-Control "max-age=2592000, private"
+ </FilesMatch>
+ <filesMatch "\.(html|htm)$">
+ Header set Cache-Control "max-age=7200, public"
+ </filesMatch>
+ <FilesMatch "\.(php|cgi)$">
+ Header unset Cache-Control
+ </FilesMatch>
+</IfModule>
+
+Header unset ETag
+FileETag none
\ No newline at end of file
--
libgit2 0.26.0