Update htaccess

2024-12-22 15:55:04 +00:00 · 2018-02-19 15:04:40 +01:00 · 2018-02-19 15:04:40 +01:00 · ddd1773ebe
commit ddd1773ebe
parent 81bdad967f
2 changed files with 36 additions and 10 deletions
--- a/.htaccess
+++ b/.htaccess
@ -1,11 +1,25 @@
 AddDefaultCharset utf-8
 AddCharset UTF-8 .css .js
 FileETag MTime Size
 Options +ExecCGI
 ServerSignature Off
 SetEnvIf Host ^ suppress-error-charset
-<filesMatch ".(css|png|svg)$">
+AddType image/x-icon .ico
-Header set Cache-Control "public, max-age=604800"
+AddType application/manifest+json .webmanifest
-</filesMatch>
+
 ErrorDocument 403 https://kaboom.pw/
 ErrorDocument 404 https://kaboom.pw/
 <FilesMatch report$>
 SetHandler cgi-script
 </FilesMatch>
 <FilesMatch ".(htm|html)$">
 Header set Content-Security-Policy "default-src 'none'; font-src data:; form-action 'self'; img-src 'self'; manifest-src 'self'; style-src 'self'; upgrade-insecure-requests; report-uri /report"
 Header set X-Frame-Options "DENY"
 Header set X-Xss-Protection "1; mode=block"
 </FilesMatch>
 RewriteEngine On 
 RewriteCond %{SERVER_PORT} 80
@ -17,9 +31,6 @@ RewriteRule ^(.*)$ https://kaboom.pw/$1 [R=301,L]
 RewriteCond %{HTTP_HOST} ^www.flame.ga$
 RewriteRule ^(.*)$ https://kaboom.pw/$1 [R=301,L]
 ErrorDocument 403 https://kaboom.pw/
 ErrorDocument 404 https://kaboom.pw/
 AddOutputFilterByType DEFLATE text/plain
 AddOutputFilterByType DEFLATE text/html
 AddOutputFilterByType DEFLATE text/xml
@ -30,11 +41,9 @@ AddOutputFilterByType DEFLATE application/rss+xml
 AddOutputFilterByType DEFLATE application/javascript
 AddOutputFilterByType DEFLATE application/x-javascript
 Header set Cache-Control "public, max-age=0, must-revalidate"
 Header set Content-Security-Policy "connect-src 'none'; default-src 'none'; font-src data:; frame-src 'none'; img-src 'none'; media-src 'none'; object-src 'none'; script-src 'none'; style-src 'self'"
 Header set Referrer-Policy "no-referrer"
 Header set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
 Header set Vary "Accept-Encoding"
 Header set X-Content-Type-Options "nosniff"
-Header set X-Frame-Options "DENY"
+Header unset Accept-Ranges
-Header set X-Xss-Protection "1; mode=block"
+Header unset Last-Modified
--- a/17
+++ b/17
@ -0,0 +1,17 @@
 #!/usr/bin/perl
 use CGI;
 my $q = new CGI;
 my $data = CGI::param('POSTDATA');
 if (($data ne ""))
 {
 	open (SEND, "|/usr/lib/sendmail -t");
 	print SEND "From: mail\@mathias.re\n";
 	print SEND "To: mail\@mathias.re\n";
 	print SEND "Subject: CSP Report\n\n";
 	print SEND "$data\n";
 	close (SEND);
 }
 print $q->redirect('/');