API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 23rd, 2017
202
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.05 KB | None | 0 0
raw download clone embed print report
  1. # ######################################################################
  2. # # MEDIA TYPES AND CHARACTER ENCODINGS #
  3. # ######################################################################
  4.  
  5. # ----------------------------------------------------------------------
  6. # | Media types |
  7. # ----------------------------------------------------------------------
  8.  
  9. # Serve resources with the proper media types (f.k.a. MIME types).
  10. #
  11. # https://www.iana.org/assignments/media-types/media-types.xhtml
  12. # https://httpd.apache.org/docs/current/mod/mod_mime.html#addtype
  13.  
  14. <IfModule mod_mime.c>
  15.  
  16. # Data interchange
  17.  
  18. AddType application/atom+xml atom
  19. AddType application/json json map topojson
  20. AddType application/ld+json jsonld
  21. AddType application/rss+xml rss
  22. AddType application/vnd.geo+json geojson
  23. AddType application/xml rdf xml
  24.  
  25.  
  26. # JavaScript
  27.  
  28. # Normalize to standard type.
  29. # https://tools.ietf.org/html/rfc4329#section-7.2
  30.  
  31. AddType application/javascript js
  32.  
  33.  
  34. # Manifest files
  35.  
  36. # If you are providing a web application manifest file (see
  37. # the specification: https://w3c.github.io/manifest/), it is
  38. # recommended that you serve it with the `application/manifest+json`
  39. # media type.
  40. #
  41. # Because the web application manifest file doesn't have its
  42. # own unique file extension, you can set its media type either
  43. # by matching:
  44. #
  45. # 1) the exact location of the file (this can be done using a
  46. # directive such as `<Location>`, but it will NOT work in
  47. # the `.htaccess` file, so you will have to do it in the main
  48. # server configuration file or inside of a `<VirtualHost>`
  49. # container)
  50. #
  51. # e.g.:
  52. #
  53. # <Location "/.well-known/manifest.json">
  54. # AddType application/manifest+json json
  55. # </Location>
  56. #
  57. # 2) the filename (this can be problematic as you will need to
  58. # ensure that you don't have any other file with the same name
  59. # as the one you gave to your web application manifest file)
  60. #
  61. # e.g.:
  62. #
  63. # <Files "manifest.json">
  64. # AddType application/manifest+json json
  65. # </Files>
  66.  
  67. AddType application/x-web-app-manifest+json webapp
  68. AddType text/cache-manifest appcache
  69.  
  70.  
  71. # Media files
  72.  
  73. AddType audio/mp4 f4a f4b m4a
  74. AddType audio/ogg oga ogg opus
  75. AddType image/bmp bmp
  76. AddType image/svg+xml svg svgz
  77. AddType image/webp webp
  78. AddType video/mp4 f4v f4p m4v mp4
  79. AddType video/ogg ogv
  80. AddType video/webm webm
  81. AddType video/x-flv flv
  82.  
  83. # Serving `.ico` image files with a different media type
  84. # prevents Internet Explorer from displaying then as images:
  85. # https://github.com/h5bp/html5-boilerplate/commit/37b5fec090d00f38de64b591bcddcb205aadf8ee
  86.  
  87. AddType image/x-icon cur ico
  88.  
  89.  
  90. # Web fonts
  91.  
  92. AddType application/font-woff woff
  93. AddType application/font-woff2 woff2
  94. AddType application/vnd.ms-fontobject eot
  95.  
  96. # Browsers usually ignore the font media types and simply sniff
  97. # the bytes to figure out the font type.
  98. # https://mimesniff.spec.whatwg.org/#matching-a-font-type-pattern
  99. #
  100. # However, Blink and WebKit based browsers will show a warning
  101. # in the console if the following font types are served with any
  102. # other media types.
  103.  
  104. AddType application/x-font-ttf ttc ttf
  105. AddType font/opentype otf
  106.  
  107.  
  108. # Other
  109.  
  110. AddType application/octet-stream safariextz
  111. AddType application/x-bb-appworld bbaw
  112. AddType application/x-chrome-extension crx
  113. AddType application/x-opera-extension oex
  114. AddType application/x-xpinstall xpi
  115. AddType text/vcard vcard vcf
  116. AddType text/vnd.rim.location.xloc xloc
  117. AddType text/vtt vtt
  118. AddType text/x-component htc
  119.  
  120. </IfModule>
  121.  
  122.  
  123. # ----------------------------------------------------------------------
  124. # | Reducing MIME type security risks |
  125. # ----------------------------------------------------------------------
  126.  
  127. # Prevent some browsers from MIME-sniffing the response.
  128. #
  129. # This reduces exposure to drive-by download attacks and cross-origin
  130. # data leaks, and should be left uncommented, especially if the server
  131. # is serving user-uploaded content or content that could potentially be
  132. # treated as executable by the browser.
  133. #
  134. # http://www.slideshare.net/hasegawayosuke/owasp-hasegawa
  135. # http://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-v-comprehensive-protection.aspx
  136. # https://msdn.microsoft.com/en-us/library/ie/gg622941.aspx
  137. # https://mimesniff.spec.whatwg.org/
  138.  
  139. <IfModule mod_headers.c>
  140. Header set X-Content-Type-Options "nosniff"
  141. </IfModule>
  142.  
  143. # ----------------------------------------------------------------------
  144. # | ETags |
  145. # ----------------------------------------------------------------------
  146.  
  147. # Remove `ETags` as resources are sent with far-future expires headers.
  148. #
  149. # https://developer.yahoo.com/performance/rules.html#etags
  150. # https://tools.ietf.org/html/rfc7232#section-2.3
  151.  
  152. # `FileETag None` doesn't work in all cases.
  153. <IfModule mod_headers.c>
  154. Header unset ETag
  155. </IfModule>
  156.  
  157. FileETag None
  158.  
  159. # ----------------------------------------------------------------------
  160. # | Expires headers |
  161. # ----------------------------------------------------------------------
  162.  
  163. # Serve resources with far-future expires headers.
  164. #
  165. # (!) If you don't control versioning with filename-based
  166. # cache busting, you should consider lowering the cache times
  167. # to something like one week.
  168. #
  169. # https://httpd.apache.org/docs/current/mod/mod_expires.html
  170.  
  171. <IfModule mod_expires.c>
  172.  
  173. ExpiresActive on
  174. ExpiresDefault "access plus 1 month"
  175.  
  176. # CSS
  177. ExpiresByType text/css "access plus 1 year"
  178.  
  179. # Data interchange
  180. ExpiresByType application/atom+xml "access plus 1 hour"
  181. ExpiresByType application/rdf+xml "access plus 1 hour"
  182. ExpiresByType application/rss+xml "access plus 1 hour"
  183.  
  184. ExpiresByType application/json "access plus 0 seconds"
  185. ExpiresByType application/ld+json "access plus 0 seconds"
  186. ExpiresByType application/schema+json "access plus 0 seconds"
  187. ExpiresByType application/vnd.geo+json "access plus 0 seconds"
  188. ExpiresByType application/xml "access plus 0 seconds"
  189. ExpiresByType text/xml "access plus 0 seconds"
  190.  
  191. # Favicon (cannot be renamed!) and cursor images
  192. ExpiresByType image/vnd.microsoft.icon "access plus 1 week"
  193. ExpiresByType image/x-icon "access plus 1 week"
  194.  
  195. # HTML
  196. ExpiresByType text/html "access plus 0 seconds"
  197.  
  198. # JavaScript
  199. ExpiresByType application/javascript "access plus 1 year"
  200. ExpiresByType application/x-javascript "access plus 1 year"
  201. ExpiresByType text/javascript "access plus 1 year"
  202.  
  203. # Manifest files
  204. ExpiresByType application/manifest+json "access plus 1 year"
  205.  
  206. ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
  207. ExpiresByType text/cache-manifest "access plus 0 seconds"
  208.  
  209. # Media files
  210. ExpiresByType audio/ogg "access plus 1 month"
  211. ExpiresByType image/bmp "access plus 1 month"
  212. ExpiresByType image/gif "access plus 1 month"
  213. ExpiresByType image/jpeg "access plus 1 month"
  214. ExpiresByType image/png "access plus 1 month"
  215. ExpiresByType image/svg+xml "access plus 1 month"
  216. ExpiresByType image/webp "access plus 1 month"
  217. ExpiresByType video/mp4 "access plus 1 month"
  218. ExpiresByType video/ogg "access plus 1 month"
  219. ExpiresByType video/webm "access plus 1 month"
  220.  
  221. # Web fonts
  222.  
  223. # Embedded OpenType (EOT)
  224. ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
  225. ExpiresByType font/eot "access plus 1 month"
  226.  
  227. # OpenType
  228. ExpiresByType font/opentype "access plus 1 month"
  229.  
  230. # TrueType
  231. ExpiresByType application/x-font-ttf "access plus 1 month"
  232.  
  233. # Web Open Font Format (WOFF) 1.0
  234. ExpiresByType application/font-woff "access plus 1 month"
  235. ExpiresByType application/x-font-woff "access plus 1 month"
  236. ExpiresByType font/woff "access plus 1 month"
  237.  
  238. # Web Open Font Format (WOFF) 2.0
  239. ExpiresByType application/font-woff2 "access plus 1 month"
  240.  
  241. # Other
  242. ExpiresByType text/x-cross-domain-policy "access plus 1 week"
  243.  
  244. </IfModule>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!