Skip to content
Commits on Nov 20, 2014
  1. @alrra

    Remove Git submodules

    alrra committed
    This change removes the need to update the git submodules as well as
    make all users refer to the appropriate server configs repositories.
Commits on Feb 3, 2014
  1. @alrra

    Update content

    alrra committed
Commits on Jul 31, 2013
  1. @alrra
Commits on Jul 28, 2013
  1. @alrra

    README.md: Update links

    alrra committed
  2. @alrra
  3. @alrra
  4. @alrra
  5. @alrra

    Move IIS server configs into a separate repository

    alrra committed
    Internet Information Services (IIS) Server Configs repository:
    https://github.com/h5bp/server-configs-iis
    
    Ref: h5bp/server-configs#161
  6. @alrra
  7. @Irvyne @alrra
Commits on Jul 27, 2013
  1. @alrra
Commits on Jul 26, 2013
  1. @alrra
Commits on Jun 27, 2013
  1. @vlakoff @alrra

    [apache] Remove directory check for cache busting

    vlakoff committed with alrra
    The directory check from the `filename-based cache busting`
    section is unnecessary in almost all cases.
    
    Close h5bp/server-configs#156.
  2. @alrra

    Remove `.npmignore`

    alrra committed
  3. @alrra

    Add MIT license

    alrra committed
    In order to remove any ambiguity, provide a proper, highly
    permissive license, recognized by the Open Source Initiative (OSI).
    
    Close h5bp/server-configs#157.
  4. @rwblackburn @alrra

    [apache] Fix rewrite rule conditions for localhost

    rwblackburn committed with alrra
    Add `localhost` and `127.0.0.1` exceptions to the rewrite rule condi-
    tions that prepend `www.` to URLs, as the current rules prevent users
    from being able to test locally.
    
    Closes h5bp/server-configs#152.
  5. @alrra

    [apache] Add `includeSubDomains` directive to HSTS

    Thomas Parisot committed with alrra
    The `includeSubDomains` optional directive allows the user to apply the
    `HTTP Strict Transport Security` rule to all of the site's subdomains:
    * http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-14#section-6.1
    * https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
    
    Ref: h5bp/server-configs#151
  6. @Ekman @alrra

    [lighttpd] Security enhancements

    Ekman committed with alrra
    - Avoid revealing the server name and version number
    - Disable directory listing
    
    Ref: h5bp/server-configs#150
  7. @mattbrundage @alrra
  8. @alrra

    Update README.md

    alrra committed
  9. @alrra
  10. @alrra
  11. @alrra
Commits on Apr 1, 2013
  1. @AD7six

    nginx.conf: repair broken log format (someone had swapped two variabl…

    Aitte committed with AD7six
    …es around, breaking the intended apache log format compatibility)
    
    Conflicts:
    	nginx/nginx.conf
Commits on Mar 29, 2013
  1. @alrra
  2. @alrra

    Update server configs

    alrra committed
    Update some of the server configurations to match
    the ones used in the Apache hypertext access file.
Commits on Mar 28, 2013
  1. @alrra

    [apache] Add `Open Web App Manifest` configs

    alrra committed
    An Open Web App manifest file (having the extension `.webapp`):
    
    * must be served with a `Content-Type` header of
      `application/x-web-app-manifest+json` (this is currently not enforced
      by Firefox but is enforced by the Firefox Marketplace while, Firefox
      OS only checks this if the origin of the page where the user triggers
      the install is different from the origin of the app itself)
    
    * must be UTF-8 encoded in order to be submitted to the Firefox
      Marketplace
    
    * should not be cached (the expires headers for the manifest are usually
      ignored by Firefox but, just to be sure):
    
      "Webapps.jsm <http://mxr.mozilla.org/mozilla-central/source/dom/apps/src/Webapps.jsm>
      sets INHIBIT_CACHING <http://mxr.mozilla.org/mozilla-central/source/netwerk/base/public/nsIRequest.idl#141>
      when it downloads the manifest, which prevents Firefox from caching it
      so, in theory the Firefox app runtime won't take expires headers into
      consideration. However, INHIBIT_CACHING doesn't prevent the runtime
      from using an entry in the cache if it exists so, if you load the
      manifest yourself, f.e. to see what it looks like, while developing
      your app, Firefox might cache it, and Webapps.jsm might then get the
      cached version.
      ...
      Webapps.jsm is the implementation of the DOMApplicationRegistry that
      is responsible for managing app records, including their manifests"
    
                                ~ thanks to @mykmelez for the explanation ~
    
    * is a JSON file so, it can be compressed (the manifest validator
      <https://marketplace.firefox.com/developers/validator>, doesn't seem
      to mind)
    
    * doesn't need any of the extra headers (e.g.:`Content-Security-Policy`,
      `X-UA-Compatible`, etc.)
    
    Reference: https://developer.mozilla.org/en-US/docs/Apps/Manifest
Commits on Mar 27, 2013
  1. @alrra

    [apache] Consistency changes

    alrra committed
    * Use consistent code indentation (4 spaces, 2 seems cluttered).
    * Maintain the same arrangement style for all group directives.
  2. @alrra
  3. @alrra

    [apache] Update code comments

    alrra committed
    * Provide more meaningful comments and remove the superfluous ones.
    * Remove / replace outdated URLs.
  4. @alrra

    [apache] Remove all `php` configurations

    alrra committed
    The php directives have been included in the Apache hypertext access
    file more as helpful information then to be used out of the box.
    
    Nowadays, the use of the directives is highly dependent on the php
    version and the way in witch php is integrated with Apache. This makes
    them less usefull by default and just extra code to remove for both
    the people that don't use php and the ones that do (especially a newer
    version).
    
    Reference: h5bp/server-configs#140
  5. @alrra

    [apache] Add comment about font MIME types

    alrra committed
    Browsers usually ignore the font MIME types and sniff the content but,
    Chrome, shows a warning if TrueType / Opentype fonts aren't served with
    the `application/x-font-ttf` / `font/opentype` MIME type.
    
    References:
    * h5bp/html5-boilerplate#1317
    * http://mimesniff.spec.whatwg.org/#matching-a-font-type-pattern
  6. @alrra

    [apache] Remove `php_flag register_globals Off`

    alrra committed
    The `register_globals` directive is not required anymore as it
    defaults to `off` starting with PHP 4.2.0, is deprecated as of
    PHP 5.3.0 and removed as of PHP 5.4.0:
    http://www.php.net/manual/en/ini.core.php#ini.register-globals
    
    Also, support for PHP 4 has been discontinued since 2007-12-31:
    http://php.net/releases/index.php
  7. @alrra

    [apache] Update the `Custom 404 page` section

    alrra committed
    - Provide a more meaningful description.
    - Comment out the `ErrorDocument` directive as this project doesn't
      offer the custom 404 page like other projects do.
  8. @alrra

    Remove all white spaces

    alrra committed
Something went wrong with that request. Please try again.