зеркало из
https://github.com/nextcloud/server.git
synced 2024-08-14 02:11:49 +02:00
![Daniel Calviño Sánchez](/assets/img/avatar_default.png)
Since Talk 13 (and thus Nextcloud 23) WebAssembly (.wasm) and TensorFlow Lite (.tflite) files need to be loaded from the web server to provide certain features (like the background blur in the WebUI). Those files can be treated in a similar way to other static resources, and there should not be any problem caching or compressing them. However, as compressed TensorFlow Lite files are only ~12% smaller, the compression directive depends on the MIME type and there is no standard MIME type for TensorFlow Lite files it is not worth to compress them. Moreover, no directives to compress WebAssembly files were added either, as it seems that they would override any other compression directives set in the default server configuration; for reference it could be done with something like: <IfModule mod_deflate.c> <IfModule mod_filter.c> AddOutputFilterByType DEFLATE application/wasm </IfModule> </IfModule> Depending on the setup "application/wasm" may not be associated with ".wasm" files, so the directive was added just in case, as otherwise browsers log a warning. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
105 строки
3.1 KiB
ApacheConf
105 строки
3.1 KiB
ApacheConf
<IfModule mod_headers.c>
|
|
<IfModule mod_setenvif.c>
|
|
<IfModule mod_fcgid.c>
|
|
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
|
|
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
|
|
</IfModule>
|
|
<IfModule mod_proxy_fcgi.c>
|
|
SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
|
|
</IfModule>
|
|
<IfModule mod_lsapi.c>
|
|
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
|
|
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
|
|
</IfModule>
|
|
</IfModule>
|
|
|
|
<IfModule mod_env.c>
|
|
# Add security and privacy related headers
|
|
|
|
# Avoid doubled headers by unsetting headers in "onsuccess" table,
|
|
# then add headers to "always" table: https://github.com/nextcloud/server/pull/19002
|
|
Header onsuccess unset Referrer-Policy
|
|
Header always set Referrer-Policy "no-referrer"
|
|
|
|
Header onsuccess unset X-Content-Type-Options
|
|
Header always set X-Content-Type-Options "nosniff"
|
|
|
|
Header onsuccess unset X-Download-Options
|
|
Header always set X-Download-Options "noopen"
|
|
|
|
Header onsuccess unset X-Frame-Options
|
|
Header always set X-Frame-Options "SAMEORIGIN"
|
|
|
|
Header onsuccess unset X-Permitted-Cross-Domain-Policies
|
|
Header always set X-Permitted-Cross-Domain-Policies "none"
|
|
|
|
Header onsuccess unset X-Robots-Tag
|
|
Header always set X-Robots-Tag "none"
|
|
|
|
Header onsuccess unset X-XSS-Protection
|
|
Header always set X-XSS-Protection "1; mode=block"
|
|
|
|
SetEnv modHeadersAvailable true
|
|
</IfModule>
|
|
|
|
# Add cache control for static resources
|
|
<FilesMatch "\.(css|js|svg|gif|png|jpg|ico|wasm|tflite)$">
|
|
Header set Cache-Control "max-age=15778463"
|
|
</FilesMatch>
|
|
|
|
# Let browsers cache WOFF files for a week
|
|
<FilesMatch "\.woff2?$">
|
|
Header set Cache-Control "max-age=604800"
|
|
</FilesMatch>
|
|
</IfModule>
|
|
|
|
# PHP 7.x
|
|
<IfModule mod_php7.c>
|
|
php_value mbstring.func_overload 0
|
|
php_value default_charset 'UTF-8'
|
|
php_value output_buffering 0
|
|
<IfModule mod_env.c>
|
|
SetEnv htaccessWorking true
|
|
</IfModule>
|
|
</IfModule>
|
|
|
|
# PHP 8+
|
|
<IfModule mod_php.c>
|
|
php_value mbstring.func_overload 0
|
|
php_value default_charset 'UTF-8'
|
|
php_value output_buffering 0
|
|
<IfModule mod_env.c>
|
|
SetEnv htaccessWorking true
|
|
</IfModule>
|
|
</IfModule>
|
|
|
|
<IfModule mod_mime.c>
|
|
AddType image/svg+xml svg svgz
|
|
AddType application/wasm wasm
|
|
AddEncoding gzip svgz
|
|
</IfModule>
|
|
|
|
<IfModule mod_dir.c>
|
|
DirectoryIndex index.php index.html
|
|
</IfModule>
|
|
|
|
<IfModule pagespeed_module>
|
|
ModPagespeed Off
|
|
</IfModule>
|
|
|
|
<IfModule mod_rewrite.c>
|
|
RewriteEngine on
|
|
RewriteCond %{HTTP_USER_AGENT} DavClnt
|
|
RewriteRule ^$ /remote.php/webdav/ [L,R=302]
|
|
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
|
RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
|
|
RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
|
|
RewriteRule ^remote/(.*) remote.php [QSA,L]
|
|
RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
|
|
RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
|
|
RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
|
|
</IfModule>
|
|
|
|
AddDefaultCharset utf-8
|
|
Options -Indexes
|