diegovalle/hoyodecrimen.api/master/wsgi/.htaccess - Htaccess File

diegovalle/hoyodecrimen.api/master/wsgi/.htaccess

# ----------------------------------------------------------------------
# UTF-8 encoding
# ----------------------------------------------------------------------

# Use UTF-8 encoding for anything served text/plain or text/html
AddDefaultCharset utf-8

# Force UTF-8 for a number of file formats
AddCharset utf-8 .atom .css .js .json .rss .vtt .xml

<IfModule mod_headers.c>
  Header unset ETag

  # Don't allow any pages to be framed - Defends against CSRF
  Header set X-Frame-Options DENY

  # Turn on IE8-IE9 XSS prevention tools
  Header set X-XSS-Protection "1; mode=block"

  # prevent mime based attacks
  Header set X-Content-Type-Options "nosniff"

  # Only allow JavaScript from the same domain to be run.
  # Don't allow inline JavaScript to run.
  Header set X-Content-Security-Policy "allow 'self';"

  Header set X-Permitted-Cross-Domain-Policies: "master-only"
</IfModule>

# ----------------------------------------------------------------------
# Webfont access
# ----------------------------------------------------------------------

# Allow access from all domains for webfonts.
# Alternatively you could only whitelist your
# subdomains like "subdomain.example.com".

<IfModule mod_headers.c>
  <FilesMatch ".(eot|font.css|otf|ttc|ttf|woff)$">
    Header set Access-Control-Allow-Origin "*"
  </FilesMatch>
</IfModule>

On Github License

Files

Download PDF of Htaccess file

Comments

Apache