From 59911a536d4efe67a383f233a8e10bb5ce1b8809 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C4=83t=C4=83lin=20Mari=C8=99?= Date: Sat, 13 Sep 2014 14:04:27 +0300 Subject: [PATCH] Update Apache Server Configs to v2.8.0 --- CHANGELOG.md | 2 +- dist/.htaccess | 51 +++++++++++++++++++++++++++++++++++++++----------- package.json | 2 +- 3 files changed, 42 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0b7f4420..1b0ed875 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,9 @@ ### HEAD +* Update Apache Server Configs to v2.8.0. * Add pseudo-elements to universal selector in print media query ([#1585](https://github.com/h5bp/html5-boilerplate/pull/1585)). * Update to Modernizr 2.8.3. -* Update to Apache Server Configs 2.7.1. * Remove need to readjust margins in `404.html` ([#1567](https://github.com/h5bp/html5-boilerplate/pull/1567)). * Add `/.editorconfig` file diff --git a/dist/.htaccess b/dist/.htaccess index 28875de1..a4a21fce 100644 --- a/dist/.htaccess +++ b/dist/.htaccess @@ -1,4 +1,4 @@ -# Apache Server Configs v2.7.1 | MIT License +# Apache Server Configs v2.8.0 | MIT License # https://github.com/h5bp/server-configs-apache # (!) Using `.htaccess` files slows down Apache, therefore, if you have access @@ -10,7 +10,7 @@ # ############################################################################## # ------------------------------------------------------------------------------ -# | Cross-domain requests | +# | Cross-origin requests | # ------------------------------------------------------------------------------ # Allow cross-origin requests. @@ -33,6 +33,22 @@ +# ------------------------------------------------------------------------------ +# | Cross-origin resource timing | +# ------------------------------------------------------------------------------ + +# Allow cross-origin access to the timing information for all resources. + +# If a resource isn't served with a `Timing-Allow-Origin` header that would +# allow its timing information to be shared with the current document, some of +# the attributes of the `PerformanceResourceTiming` object will be set to zero. + +# http://www.w3.org/TR/resource-timing/ + +# +# Header set Timing-Allow-Origin: "*" +# + # ------------------------------------------------------------------------------ # | CORS-enabled images | # ------------------------------------------------------------------------------ @@ -229,6 +245,7 @@ AddDefaultCharset utf-8 .js \ .json \ .jsonld \ + .rdf \ .rss \ .topojson \ .vtt \ @@ -549,12 +566,13 @@ AddDefaultCharset utf-8 # The following header ensures that browser will ONLY connect to your server # via HTTPS, regardless of what the users type in the address bar. -# http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-14#section-6.1 -# http://www.html5rocks.com/en/tutorials/security/transport-layer-security/ - # IMPORTANT: Remove the `includeSubDomains` optional directive if the subdomains # are not using HTTPS. +# http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-14#section-6.1 +# http://www.html5rocks.com/en/tutorials/security/transport-layer-security/ +# http://blogs.msdn.com/b/ieinternals/archive/2014/08/18/hsts-strict-transport-security-attacks-mitigations-deployment-https.aspx + # # Header set Strict-Transport-Security "max-age=16070400; includeSubDomains" # @@ -594,11 +612,16 @@ AddDefaultCharset utf-8 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Mark certain resources as been compressed in order to: - # - # 1) prevent Apache from recompressing them - # 2) ensure that they are served with the correct - # `Content-Encoding` HTTP response header + # Map certain file types to the specified encoding type in order to + # make Apache serve them with the appropriate `Content-Encoding` HTTP + # response header (this will NOT make Apache compress them!). + + # If the following file types wouldn't be served without the appropriate + # `Content-Enable` HTTP response header, client applications (e.g.: + # browsers) wouldn't know that they first need to uncompress the response, + # and thus, wouldn't be able to understand the content. + + # http://httpd.apache.org/docs/current/mod/mod_mime.html#addencoding AddEncoding gzip svgz @@ -618,7 +641,9 @@ AddDefaultCharset utf-8 "application/json" \ "application/ld+json" \ "application/manifest+json" \ + "application/rdf+xml" \ "application/rss+xml" \ + "application/schema+json" \ "application/vnd.geo+json" \ "application/vnd.ms-fontobject" \ "application/x-font-ttf" \ @@ -631,6 +656,7 @@ AddDefaultCharset utf-8 "text/cache-manifest" \ "text/css" \ "text/html" \ + "text/javascript" \ "text/plain" \ "text/vtt" \ "text/x-component" \ @@ -684,6 +710,7 @@ FileETag None # Data interchange ExpiresByType application/json "access plus 0 seconds" ExpiresByType application/ld+json "access plus 0 seconds" + ExpiresByType application/schema+json "access plus 0 seconds" ExpiresByType application/vnd.geo+json "access plus 0 seconds" ExpiresByType application/xml "access plus 0 seconds" ExpiresByType text/xml "access plus 0 seconds" @@ -699,6 +726,7 @@ FileETag None # JavaScript ExpiresByType application/javascript "access plus 1 year" + ExpiresByType text/javascript "access plus 1 year" # Manifest files ExpiresByType application/manifest+json "access plus 1 year" @@ -716,6 +744,7 @@ FileETag None # Web feeds ExpiresByType application/atom+xml "access plus 1 hour" + ExpiresByType application/rdf+xml "access plus 1 hour" ExpiresByType application/rss+xml "access plus 1 hour" # Web fonts @@ -764,7 +793,7 @@ FileETag None # # # Options +Includes -# AddOutputFilterByType INCLUDES application/javascript +# AddOutputFilterByType INCLUDES application/javascript text/javascript # SetOutputFilter INCLUDES # # diff --git a/package.json b/package.json index 639afaa9..2c8bd45f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "devDependencies": { - "apache-server-configs": "2.7.1", + "apache-server-configs": "2.8.0", "archiver": "^0.10.1", "del": "^0.1.1", "glob": "^4.0.5",