espelhamento de
https://github.com/nextcloud/server.git
sincronizado 2024-07-29 08:15:55 +02:00
ea0e45d81e
X-UA-Compatible and X-Download-Options headers are interpreted or relevant for Internet Explorer only. With the deprecation of Internet Explorer support in Nextcloud 20 and planned support removal already in Nextcloud 22, these became obsolete and are hereby removed, including their removal from setup checks. Signed-off-by: MichaIng <micha@dietpi.com>
106 linhas
3.2 KiB
ApacheConf
106 linhas
3.2 KiB
ApacheConf
<IfModule mod_headers.c>
|
|
<IfModule mod_setenvif.c>
|
|
<IfModule mod_fcgid.c>
|
|
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
|
|
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
|
|
</IfModule>
|
|
<IfModule mod_proxy_fcgi.c>
|
|
SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
|
|
</IfModule>
|
|
<IfModule mod_lsapi.c>
|
|
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
|
|
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
|
|
</IfModule>
|
|
</IfModule>
|
|
|
|
<IfModule mod_env.c>
|
|
# Add security and privacy related headers
|
|
|
|
# Avoid doubled headers by unsetting headers in "onsuccess" table,
|
|
# then add headers to "always" table: https://github.com/nextcloud/server/pull/19002
|
|
Header onsuccess unset Referrer-Policy
|
|
Header always set Referrer-Policy "no-referrer"
|
|
|
|
Header onsuccess unset X-Content-Type-Options
|
|
Header always set X-Content-Type-Options "nosniff"
|
|
|
|
Header onsuccess unset X-Frame-Options
|
|
Header always set X-Frame-Options "SAMEORIGIN"
|
|
|
|
Header onsuccess unset X-Permitted-Cross-Domain-Policies
|
|
Header always set X-Permitted-Cross-Domain-Policies "none"
|
|
|
|
Header onsuccess unset X-Robots-Tag
|
|
Header always set X-Robots-Tag "none"
|
|
|
|
Header onsuccess unset X-XSS-Protection
|
|
Header always set X-XSS-Protection "1; mode=block"
|
|
|
|
SetEnv modHeadersAvailable true
|
|
</IfModule>
|
|
|
|
# Add cache control for static resources
|
|
<FilesMatch "\.(css|js|svg|gif|png|jpg|ico|wasm|tflite)$">
|
|
Header set Cache-Control "max-age=15778463"
|
|
</FilesMatch>
|
|
|
|
<FilesMatch "\.(css|js|svg|gif|png|jpg|ico|wasm|tflite)(\?v=.*)?$">
|
|
Header set Cache-Control "max-age=15778463, immutable"
|
|
</FilesMatch>
|
|
|
|
# Let browsers cache WOFF files for a week
|
|
<FilesMatch "\.woff2?$">
|
|
Header set Cache-Control "max-age=604800"
|
|
</FilesMatch>
|
|
</IfModule>
|
|
|
|
# PHP 7.x
|
|
<IfModule mod_php7.c>
|
|
php_value mbstring.func_overload 0
|
|
php_value default_charset 'UTF-8'
|
|
php_value output_buffering 0
|
|
<IfModule mod_env.c>
|
|
SetEnv htaccessWorking true
|
|
</IfModule>
|
|
</IfModule>
|
|
|
|
# PHP 8+
|
|
<IfModule mod_php.c>
|
|
php_value mbstring.func_overload 0
|
|
php_value default_charset 'UTF-8'
|
|
php_value output_buffering 0
|
|
<IfModule mod_env.c>
|
|
SetEnv htaccessWorking true
|
|
</IfModule>
|
|
</IfModule>
|
|
|
|
<IfModule mod_mime.c>
|
|
AddType image/svg+xml svg svgz
|
|
AddType application/wasm wasm
|
|
AddEncoding gzip svgz
|
|
</IfModule>
|
|
|
|
<IfModule mod_dir.c>
|
|
DirectoryIndex index.php index.html
|
|
</IfModule>
|
|
|
|
<IfModule pagespeed_module>
|
|
ModPagespeed Off
|
|
</IfModule>
|
|
|
|
<IfModule mod_rewrite.c>
|
|
RewriteEngine on
|
|
RewriteCond %{HTTP_USER_AGENT} DavClnt
|
|
RewriteRule ^$ /remote.php/webdav/ [L,R=302]
|
|
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
|
RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
|
|
RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
|
|
RewriteRule ^remote/(.*) remote.php [QSA,L]
|
|
RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
|
|
RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
|
|
RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
|
|
</IfModule>
|
|
|
|
AddDefaultCharset utf-8
|
|
Options -Indexes
|