diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2015-03-26 15:30:00 +0100 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2015-03-26 22:32:57 +0100 |
| commit | 9d1ce53cb1e4f3f8d04de2e442e2928f3e7bab7c (patch) | |
| tree | 7211c2361a63aebfedff4c529a3df3d3995af8b5 /.htaccess | |
| parent | 74a9fc29b43b54ec8aa9f6b9cac1cbfa4a5136e2 (diff) | |
| download | nextcloud-server-9d1ce53cb1e4f3f8d04de2e442e2928f3e7bab7c.tar.gz nextcloud-server-9d1ce53cb1e4f3f8d04de2e442e2928f3e7bab7c.zip | |
Add some generic default headers as well via PHP
Diffstat (limited to '.htaccess')
| -rw-r--r-- | .htaccess | 37 |
1 files changed, 21 insertions, 16 deletions
diff --git a/.htaccess b/.htaccess index 5e24a35743d..8c1cefb89c2 100644 --- a/.htaccess +++ b/.htaccess @@ -1,11 +1,25 @@ # Version: 8.1.0 -<IfModule mod_fcgid.c> -<IfModule mod_setenvif.c> <IfModule mod_headers.c> -SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1 -RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION -</IfModule> -</IfModule> + <IfModule mod_fcgid.c> + <IfModule mod_setenvif.c> + SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1 + RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION + </IfModule> + </IfModule> + + <IfModule mod_env.c> + # Add security and privacy related headers + Header set X-Content-Type-Options "nosniff" + Header set X-XSS-Protection "1; mode=block" + Header set X-Robots-Tag "none" + Header set X-Frame-Options "SAMEORIGIN" + SetEnv modHeadersAvailable true + </IfModule> + + # Add cache control for CSS and JS files + <FilesMatch "\.(css|js)$"> + Header set Cache-Control "max-age=7200, public" + </FilesMatch> </IfModule> <IfModule mod_php5.c> php_value upload_max_filesize 513M @@ -42,14 +56,5 @@ DirectoryIndex index.php index.html AddDefaultCharset utf-8 Options -Indexes <IfModule pagespeed_module> - ModPagespeed Off -</IfModule> -<IfModule mod_headers.c> - Header set X-Content-Type-Options "nosniff" - Header set X-XSS-Protection "1; mode=block" - Header set X-Robots-Tag "none" - Header set X-Frame-Options "SAMEORIGIN" - <FilesMatch "\.(css|js)$"> - Header set Cache-Control "max-age=7200, public" - </FilesMatch> + ModPagespeed Off </IfModule> |