diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2016-03-08 18:41:27 +0100 |
|---|---|---|
| committer | Alexandre Alapetite <alexandre@alapetite.fr>
| 2016-03-08 18:41:27 +0100 |
| commit | b60a9896b1474ac687b2a8e0573129593c179820 (patch) | |
| tree | c800a9b119eef30f7c997e1742848d7f71c3112a | |
| parent | 7f764ca6824420813db2e71a3344360620d2e5ca (diff) | |
| parent | 7244b6d486b7ec38fbb350a5c4b73021030e1a72 (diff) | |
Merge branch 'dev' of https://github.com/FreshRSS/FreshRSS into FreshRSS/dev
| -rw-r--r-- | app/FreshRSS.php | 1 | ||||
| -rw-r--r-- | p/.htaccess | 13 | ||||
| -rw-r--r-- | p/themes/.htaccess | 21 | ||||
| -rw-r--r-- | p/themes/index.html | 13 |
4 files changed, 36 insertions, 12 deletions
diff --git a/app/FreshRSS.php b/app/FreshRSS.php index d6f4f4062..bafa970da 100644 --- a/app/FreshRSS.php +++ b/app/FreshRSS.php @@ -122,6 +122,7 @@ class FreshRSS extends Minz_FrontController { header("Content-Security-Policy: default-src 'self'"); break; } + header("X-Content-Type-Options: nosniff"); } private function loadNotifications() { diff --git a/p/.htaccess b/p/.htaccess index 2b1e27a88..4321c82d7 100644 --- a/p/.htaccess +++ b/p/.htaccess @@ -6,13 +6,8 @@ FileETag None AddDefaultCharset UTF-8 <IfModule mod_mime.c> - AddType application/json .map - AddType application/font-woff .woff - - AddCharset UTF-8 .css AddCharset UTF-8 .html AddCharset UTF-8 .js - AddCharset UTF-8 .svg </IfModule> <IfModule mod_deflate.c> @@ -21,15 +16,9 @@ AddDefaultCharset UTF-8 <IfModule mod_expires.c> ExpiresActive on - ExpiresByType application/font-woff "access plus 1 month" ExpiresByType application/javascript "access plus 1 month" - ExpiresByType application/json "access plus 1 month" ExpiresByType application/xhtml+xml "access plus 1 month" - ExpiresByType image/gif "access plus 1 month" - ExpiresByType image/png "access plus 1 month" - ExpiresByType image/svg+xml "access plus 1 month" ExpiresByType image/x-icon "access plus 1 month" - ExpiresByType text/css "access plus 1 month" ExpiresByType text/html "access plus 1 month" ExpiresByType text/javascript "access plus 1 month" <FilesMatch "\.php$"> @@ -38,7 +27,7 @@ AddDefaultCharset UTF-8 </IfModule> <IfModule mod_headers.c> - <FilesMatch "\.(css|html|js|ico|gif|png|woff)$"> + <FilesMatch "\.(css|gif|html|ico|js|png|svg|woff)$"> Header merge Cache-Control "public" </FilesMatch> </IfModule> diff --git a/p/themes/.htaccess b/p/themes/.htaccess new file mode 100644 index 000000000..bde718537 --- /dev/null +++ b/p/themes/.htaccess @@ -0,0 +1,21 @@ +<IfModule mod_mime.c> + AddType application/font-woff .woff + + AddCharset UTF-8 .css + AddCharset UTF-8 .svg +</IfModule> + +<IfModule mod_expires.c> + ExpiresActive on + ExpiresByType application/font-woff "access plus 1 month" + ExpiresByType image/gif "access plus 1 month" + ExpiresByType image/png "access plus 1 month" + ExpiresByType image/svg+xml "access plus 1 month" + ExpiresByType text/css "access plus 1 month" +</IfModule> + +<IfModule mod_headers.c> + <FilesMatch "\.svg$"> + Header set Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'" + </FilesMatch> +</IfModule> diff --git a/p/themes/index.html b/p/themes/index.html new file mode 100644 index 000000000..85faaa37e --- /dev/null +++ b/p/themes/index.html @@ -0,0 +1,13 @@ +<!DOCTYPE html> +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB" lang="en-GB"> +<head> +<meta charset="UTF-8" /> +<meta http-equiv="Refresh" content="0; url=/" /> +<title>Redirection</title> +<meta name="robots" content="noindex" /> +</head> + +<body> +<p><a href="/">Redirection</a></p> +</body> +</html> |