mirror of
https://github.com/jakejarvis/jarv.is.git
synced 2025-04-28 16:10:30 -04:00
19 lines
634 B
Plaintext
19 lines
634 B
Plaintext
# Sensible default security headers
|
|
# - More info: https://scotthelme.co.uk/hardening-your-http-response-headers/
|
|
# - Test website: https://securityheaders.com/
|
|
/*
|
|
Referrer-Policy: strict-origin-when-cross-origin
|
|
X-Content-Type-Options: nosniff
|
|
X-Frame-Options: sameorigin
|
|
|
|
# Super long cache for web fonts (one year)
|
|
/fonts/*
|
|
Cache-Control: max-age=31536000, public, immutable, no-transform
|
|
|
|
# Recommended MIME type for PWA manifests
|
|
# https://github.com/w3c/manifest/issues/689
|
|
/manifest.json
|
|
Content-Type: application/manifest+json; charset=UTF-8
|
|
/*.webmanifest
|
|
Content-Type: application/manifest+json; charset=UTF-8
|