1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 |
- #
- # _ _ ____ _
- # _| || |_/ ___| ___ _ __ _ __ ___ | |
- # |_ .. _\___ \ / _ \ '_ \| '_ \ / _ \| |
- # |_ _|___) | __/ |_) | |_) | (_) |_|
- # |_||_| |____/ \___| .__/| .__/ \___/(_)
- # |_| |_|
- #
- # Personal Social Web.
- #
- # Copyright (C) The #Seppo contributors. All rights reserved.
- #
- # This program is free software: you can redistribute it and/or modify
- # it under the terms of the GNU General Public License as published by
- # the Free Software Foundation, either version 3 of the License, or
- # (at your option) any later version.
- #
- # This program is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- # GNU General Public License for more details.
- #
- # You should have received a copy of the GNU General Public License
- # along with this program. If not, see <http://www.gnu.org/licenses/>.
- #
-
- # Requires:
- # mod_cgi.c
- # mod_rewrite.c
- # mandatory, already before first run of cgi (hopefully a webserver default or
- # uncomment and place .htaccess manually...):
- # AddHandler cgi-script .cgi
- # Options FollowSymLinks ExecCGI
- # mandatory
- DirectoryIndex index.html index.xml index.json
- # recommended
- AddDefaultCharset UTF-8
- AddType "application/javascript" js jsonp
- AddType "application/jrd+json" jrd
- AddType "application/json" json
- AddType "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"" jsa
- AddType "image/jpeg" jpg
- AddType "image/svg+xml" svg
- AddType "text/css" css
- AddType "text/html" html
- AddType "text/xml" xml
- AddType "text/xsl" xsl
- AddOutputFilter DEFLATE html xml xsl css jsa json jsonp svg
- # recommended
- # https://observatory.mozilla.org/
- # Header set Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-hGqewLn4csF93PEX/0TCk2jdnAytXBZFxFBzKt7wcgo='; connect-src 'self'; font-src 'self'; img-src 'self' data: https://*; media-src 'self';"
- Header set Content-Security-Policy "base-uri 'none'; form-action 'self'; frame-ancestors 'none'; default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'sha256-hGqewLn4csF93PEX/0TCk2jdnAytXBZFxFBzKt7wcgo='; connect-src 'self'; font-src 'self'; img-src data: 'self' https://*; media-src 'self';"
- Header set Referrer-Policy no-referrer
- # https://lobste.rs/s/98rp8f/cors_is_stupid
- Header set Access-Control-Allow-Origin *
- Header set Access-Control-Allow-Methods *
- Header set X-Content-Type-Options nosniff
- Header set X-Frame-Options DENY
- # nice
- Header set X-Powered-By "Seppo.Social"
- # https://lobste.rs/s/1phzpg/block_ai_training_on_web_site
- Header set X-Robots-Tag "noai, noimageai, GPC"
- # cache assets only (see themes/current/.htaccess)
- <If "%{REQUEST_URI} =~ m#^/seppo\.cgi/actor/icon$#">
- Header set Cache-Control "max-age=86400, public"
- </If>
- <Else>
- Header set Cache-Control "no-cache"
- </Else>
- Header set Connection Keep-Alive
|