Michael Maurakis
1282bf2bda
settings panel handles things. Also removed open in new tab. CORS blocks any ability to do anything cool with iframes so it will likely have to be reserved for a extension or something of that kind.
35 lines
No EOL
969 B
Nginx Configuration File
35 lines
No EOL
969 B
Nginx Configuration File
server {
|
|
listen 80;
|
|
server_name localhost;
|
|
root /usr/share/nginx/html;
|
|
index index.html;
|
|
|
|
# Enable gzip compression
|
|
gzip on;
|
|
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
|
|
|
# Security headers
|
|
add_header X-Frame-Options "SAMEORIGIN";
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
add_header X-Content-Type-Options "nosniff";
|
|
add_header Referrer-Policy "strict-origin-when-cross-origin";
|
|
|
|
location / {
|
|
try_files $uri $uri/ /index.html;
|
|
expires 1h;
|
|
add_header Cache-Control "public, no-transform";
|
|
}
|
|
|
|
# Prevent access to .git and other hidden files
|
|
location ~ /\. {
|
|
deny all;
|
|
access_log off;
|
|
log_not_found off;
|
|
}
|
|
|
|
# Assets caching
|
|
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
|
|
expires 7d;
|
|
add_header Cache-Control "public, no-transform";
|
|
}
|
|
} |