Permalink
Commits on Nov 20, 2014
  1. @alrra

    Remove Git submodules

    This change removes the need to update the git submodules as well as
    make all users refer to the appropriate server configs repositories.
    alrra committed Nov 20, 2014
Commits on Feb 3, 2014
  1. @alrra

    Update content

    alrra committed Jan 16, 2014
Commits on Jul 31, 2013
  1. @alrra
Commits on Jul 28, 2013
  1. @alrra

    README.md: Update links

    alrra committed Jul 28, 2013
  2. @alrra
  3. @alrra
  4. @alrra
  5. @alrra

    Move IIS server configs into a separate repository

    Internet Information Services (IIS) Server Configs repository:
    https://github.com/h5bp/server-configs-iis
    
    Ref: h5bp/server-configs#161
    alrra committed Jul 28, 2013
  6. @alrra

    Move GAE server configs into a separate repository

    Google App Engine Server Configs repository:
    https://github.com/h5bp/server-configs-gae
    
    Ref: h5bp/server-configs#161
    alrra committed Jul 28, 2013
  7. @Irvyne @alrra
Commits on Jul 27, 2013
  1. @alrra
Commits on Jul 26, 2013
  1. @alrra
Commits on Jun 27, 2013
  1. @vlakoff @alrra

    [apache] Remove directory check for cache busting

    The directory check from the `filename-based cache busting`
    section is unnecessary in almost all cases.
    
    Close h5bp/server-configs#156.
    vlakoff committed with alrra Jun 27, 2013
  2. @alrra

    Remove `.npmignore`

    alrra committed Jun 27, 2013
  3. @alrra

    Add MIT license

    In order to remove any ambiguity, provide a proper, highly
    permissive license, recognized by the Open Source Initiative (OSI).
    
    Close h5bp/server-configs#157.
    alrra committed Jun 27, 2013
  4. @rwblackburn @alrra

    [apache] Fix rewrite rule conditions for localhost

    Add `localhost` and `127.0.0.1` exceptions to the rewrite rule condi-
    tions that prepend `www.` to URLs, as the current rules prevent users
    from being able to test locally.
    
    Closes h5bp/server-configs#152.
    rwblackburn committed with alrra Jun 7, 2013
  5. @alrra

    [apache] Add `includeSubDomains` directive to HSTS

    The `includeSubDomains` optional directive allows the user to apply the
    `HTTP Strict Transport Security` rule to all of the site's subdomains:
    * http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-14#section-6.1
    * https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
    
    Ref: h5bp/server-configs#151
    Thomas Parisot committed with alrra May 29, 2013
  6. @Ekman @alrra

    [lighttpd] Security enhancements

    - Avoid revealing the server name and version number
    - Disable directory listing
    
    Ref: h5bp/server-configs#150
    Ekman committed with alrra May 28, 2013
  7. @mattbrundage @alrra
  8. @alrra

    Update README.md

    alrra committed Apr 19, 2013
  9. @alrra
  10. @alrra

    [nginx] Remove `text/html` from `gzip_types`

    Fix: #144.
    alrra committed Apr 2, 2013
  11. @alrra
Commits on Apr 1, 2013
  1. @AD7six

    nginx.conf: repair broken log format (someone had swapped two variabl…

    …es around, breaking the intended apache log format compatibility)
    
    Conflicts:
    	nginx/nginx.conf
    Aitte committed with AD7six Feb 24, 2013
Commits on Mar 29, 2013
  1. @alrra
  2. @alrra

    Update server configs

    Update some of the server configurations to match
    the ones used in the Apache hypertext access file.
    alrra committed Mar 29, 2013
Commits on Mar 28, 2013
  1. @alrra

    [apache] Add `Open Web App Manifest` configs

    An Open Web App manifest file (having the extension `.webapp`):
    
    * must be served with a `Content-Type` header of
      `application/x-web-app-manifest+json` (this is currently not enforced
      by Firefox but is enforced by the Firefox Marketplace while, Firefox
      OS only checks this if the origin of the page where the user triggers
      the install is different from the origin of the app itself)
    
    * must be UTF-8 encoded in order to be submitted to the Firefox
      Marketplace
    
    * should not be cached (the expires headers for the manifest are usually
      ignored by Firefox but, just to be sure):
    
      "Webapps.jsm <http://mxr.mozilla.org/mozilla-central/source/dom/apps/src/Webapps.jsm>
      sets INHIBIT_CACHING <http://mxr.mozilla.org/mozilla-central/source/netwerk/base/public/nsIRequest.idl#141>
      when it downloads the manifest, which prevents Firefox from caching it
      so, in theory the Firefox app runtime won't take expires headers into
      consideration. However, INHIBIT_CACHING doesn't prevent the runtime
      from using an entry in the cache if it exists so, if you load the
      manifest yourself, f.e. to see what it looks like, while developing
      your app, Firefox might cache it, and Webapps.jsm might then get the
      cached version.
      ...
      Webapps.jsm is the implementation of the DOMApplicationRegistry that
      is responsible for managing app records, including their manifests"
    
                                ~ thanks to @mykmelez for the explanation ~
    
    * is a JSON file so, it can be compressed (the manifest validator
      <https://marketplace.firefox.com/developers/validator>, doesn't seem
      to mind)
    
    * doesn't need any of the extra headers (e.g.:`Content-Security-Policy`,
      `X-UA-Compatible`, etc.)
    
    Reference: https://developer.mozilla.org/en-US/docs/Apps/Manifest
    alrra committed Mar 28, 2013
Commits on Mar 27, 2013
  1. @alrra

    [apache] Consistency changes

    * Use consistent code indentation (4 spaces, 2 seems cluttered).
    * Maintain the same arrangement style for all group directives.
    alrra committed Mar 27, 2013
  2. @alrra
  3. @alrra

    [apache] Update code comments

    * Provide more meaningful comments and remove the superfluous ones.
    * Remove / replace outdated URLs.
    alrra committed Mar 26, 2013
  4. @alrra

    [apache] Remove all `php` configurations

    The php directives have been included in the Apache hypertext access
    file more as helpful information then to be used out of the box.
    
    Nowadays, the use of the directives is highly dependent on the php
    version and the way in witch php is integrated with Apache. This makes
    them less usefull by default and just extra code to remove for both
    the people that don't use php and the ones that do (especially a newer
    version).
    
    Reference: h5bp/server-configs#140
    alrra committed Mar 24, 2013
  5. @alrra

    [apache] Add comment about font MIME types

    Browsers usually ignore the font MIME types and sniff the content but,
    Chrome, shows a warning if TrueType / Opentype fonts aren't served with
    the `application/x-font-ttf` / `font/opentype` MIME type.
    
    References:
    * h5bp/html5-boilerplate#1317
    * http://mimesniff.spec.whatwg.org/#matching-a-font-type-pattern
    alrra committed Mar 21, 2013
  6. @alrra

    [apache] Remove `php_flag register_globals Off`

    The `register_globals` directive is not required anymore as it
    defaults to `off` starting with PHP 4.2.0, is deprecated as of
    PHP 5.3.0 and removed as of PHP 5.4.0:
    http://www.php.net/manual/en/ini.core.php#ini.register-globals
    
    Also, support for PHP 4 has been discontinued since 2007-12-31:
    http://php.net/releases/index.php
    alrra committed Mar 18, 2013
  7. @alrra

    [apache] Update the `Custom 404 page` section

    - Provide a more meaningful description.
    - Comment out the `ErrorDocument` directive as this project doesn't
      offer the custom 404 page like other projects do.
    alrra committed Mar 2, 2013
  8. @alrra

    Remove all white spaces

    alrra committed Mar 1, 2013