51 lines
1.3 KiB
Plaintext
51 lines
1.3 KiB
Plaintext
/*
|
|
X-Frame-Options: DENY
|
|
X-Content-Type-Options: nosniff
|
|
Referrer-Policy: strict-origin-when-cross-origin
|
|
X-XSS-Protection: 1; mode=block
|
|
Permissions-Policy: camera=(), microphone=(), geolocation=()
|
|
|
|
# OAuth specific headers
|
|
/oauth/*
|
|
Access-Control-Allow-Origin: https://bsky.social
|
|
Access-Control-Allow-Methods: GET, POST, OPTIONS
|
|
Access-Control-Allow-Headers: Content-Type, Authorization
|
|
|
|
# Static assets caching
|
|
/assets/*
|
|
Cache-Control: public, max-age=31536000, immutable
|
|
|
|
/css/*
|
|
Content-Type: text/css
|
|
Cache-Control: no-cache
|
|
|
|
/*.js
|
|
Content-Type: application/javascript
|
|
Cache-Control: public, max-age=31536000, immutable
|
|
|
|
/assets/*.js
|
|
Content-Type: application/javascript
|
|
Cache-Control: public, max-age=31536000, immutable
|
|
|
|
# Ensure ES6 modules are served correctly
|
|
/assets/comment-atproto-*.js
|
|
Content-Type: text/javascript; charset=utf-8
|
|
Cache-Control: public, max-age=31536000, immutable
|
|
|
|
# All JS assets
|
|
/assets/*-*.js
|
|
Content-Type: text/javascript; charset=utf-8
|
|
Cache-Control: public, max-age=31536000, immutable
|
|
|
|
# CSS assets
|
|
/assets/*.css
|
|
Content-Type: text/css
|
|
Cache-Control: public, max-age=60
|
|
|
|
/posts/*
|
|
Cache-Control: public, max-age=3600
|
|
|
|
# Client metadata for OAuth
|
|
/client-metadata.json
|
|
Content-Type: application/json
|
|
Cache-Control: public, max-age=3600 |