51 lines
		
	
	
		
			1.3 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			51 lines
		
	
	
		
			1.3 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| /*
 | |
|   X-Frame-Options: DENY
 | |
|   X-Content-Type-Options: nosniff
 | |
|   Referrer-Policy: strict-origin-when-cross-origin
 | |
|   X-XSS-Protection: 1; mode=block
 | |
|   Permissions-Policy: camera=(), microphone=(), geolocation=()
 | |
| 
 | |
| # OAuth specific headers
 | |
| /oauth/*
 | |
|   Access-Control-Allow-Origin: https://bsky.social
 | |
|   Access-Control-Allow-Methods: GET, POST, OPTIONS
 | |
|   Access-Control-Allow-Headers: Content-Type, Authorization
 | |
| 
 | |
| # Static assets caching
 | |
| /assets/*
 | |
|   Cache-Control: public, max-age=31536000, immutable
 | |
| 
 | |
| /css/*
 | |
|   Content-Type: text/css
 | |
|   Cache-Control: no-cache
 | |
| 
 | |
| /*.js
 | |
|   Content-Type: application/javascript
 | |
|   Cache-Control: public, max-age=31536000, immutable
 | |
| 
 | |
| /assets/*.js
 | |
|   Content-Type: application/javascript
 | |
|   Cache-Control: public, max-age=31536000, immutable
 | |
| 
 | |
| # Ensure ES6 modules are served correctly
 | |
| /assets/comment-atproto-*.js
 | |
|   Content-Type: text/javascript; charset=utf-8
 | |
|   Cache-Control: public, max-age=31536000, immutable
 | |
| 
 | |
| # All JS assets
 | |
| /assets/*-*.js
 | |
|   Content-Type: text/javascript; charset=utf-8
 | |
|   Cache-Control: public, max-age=31536000, immutable
 | |
| 
 | |
| # CSS assets
 | |
| /assets/*.css
 | |
|   Content-Type: text/css
 | |
|   Cache-Control: public, max-age=60
 | |
| 
 | |
| /posts/*
 | |
|   Cache-Control: public, max-age=3600
 | |
| 
 | |
| # Client metadata for OAuth
 | |
| /client-metadata.json
 | |
|   Content-Type: application/json
 | |
|   Cache-Control: public, max-age=3600 |