ewinslow/ng-elgg/master/app/.htaccess
DirectoryIndex index.html
FileETag MTime Size
<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault "access plus 0 seconds"
</IfModule>
<IfModule mod_mime.c>
# Audio
AddType audio/mp4 m4a f4a f4b
AddType audio/ogg oga ogg
# JavaScript
# Normalize to standard type (it's sniffed in IE anyways):
# http://tools.ietf.org/html/rfc4329#section-7.2
AddType application/javascript js
AddType application/json json
# Video
AddType video/mp4 f4v f4p m4v mp4
AddType video/ogg ogv
AddType video/webm webm
AddType video/x-flv flv
# Web fonts
AddType application/font-woff woff
AddType application/vnd.ms-fontobject eot
# Browsers usually ignore the font MIME types and sniff the content,
# however, Chrome shows a warning if other MIME types are used for the
# following fonts.
AddType application/x-font-ttf ttc ttf
AddType font/opentype otf
# Make SVGZ fonts work on iPad:
# https://twitter.com/FontSquirrel/status/14855840545
AddType image/svg+xml svgz
AddEncoding gzip svgz
# Other
AddType application/octet-stream safariextz
AddType application/x-chrome-extension crx
AddType application/x-opera-extension oex
AddType application/x-web-app-manifest+json webapp
AddType application/x-xpinstall xpi
AddType application/xml atom rdf rss xml
AddType image/webp webp
AddType image/x-icon cur
AddType text/vtt vtt
AddType text/x-component htc
AddType text/x-vcard vcf
# Required for AppCache to work...
AddType text/cache-manifest appcache
</IfModule>
<IfModule mod_headers.c>
Header set Content-Security-Policy "default-src 'self' https://lorempixel.com https://www.google-analytics.com"
Header set X-Content-Security-Policy "default-src 'self' https://lorempixel.com https://www.google-analytics.com"
Header set X-WebKit-CSP "default-src 'self' https://lorempixel.com https://www.google-analytics.com"
<FilesMatch ".(appcache|crx|css|cur|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svgz?|ttf|vcf|webapp|webm|webp|woff|xml|xpi)$">
Header unset Content-Security-Policy
Header unset X-Content-Security-Policy
Header unset X-WebKit-CSP
</FilesMatch>
<FilesMatch ".(ico|pdf|flv|jpg|jpeg|png|gif|js|css|ng|swf)$">
Header set Cache-Control "public"
</FilesMatch>
</IfModule>
# gzip compression.
<IfModule mod_deflate.c>
# html, xml, css, and js:
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript text/javascript application/javascript application/json
# webfonts and svg:
<FilesMatch ".(ttf|otf|eot|svg)$" >
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
# ------------------------------------------------------------------------------
# | File access |
# ------------------------------------------------------------------------------
# Block access to directories without a default document.
# Usually you should leave this uncommented because you shouldn't allow anyone
# to surf through every directory on your server (which may includes rather
# private places like the CMS's directories).
<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>
On Github License
Files