Permalink
Switch branches/tags
Nothing to show
Commits on Nov 6, 2013
  1. Merge pull request #1 from h5bp/master

    sync
    committed Nov 6, 2013
Commits on Jul 31, 2013
Commits on Jul 28, 2013
  1. README.md: Update links

    alrra committed Jul 28, 2013
  2. Move IIS server configs into a separate repository

    Internet Information Services (IIS) Server Configs repository:
    https://github.com/h5bp/server-configs-iis
    
    Ref: h5bp/server-configs#161
    alrra committed Jul 28, 2013
  3. Move GAE server configs into a separate repository

    Google App Engine Server Configs repository:
    https://github.com/h5bp/server-configs-gae
    
    Ref: h5bp/server-configs#161
    alrra committed Jul 28, 2013
Commits on Jul 27, 2013
Commits on Jul 26, 2013
Commits on Jun 27, 2013
  1. [apache] Remove directory check for cache busting

    The directory check from the `filename-based cache busting`
    section is unnecessary in almost all cases.
    
    Close h5bp/server-configs#156.
    vlakoff committed with alrra Jun 27, 2013
  2. Remove `.npmignore`

    alrra committed Jun 27, 2013
  3. Add MIT license

    In order to remove any ambiguity, provide a proper, highly
    permissive license, recognized by the Open Source Initiative (OSI).
    
    Close h5bp/server-configs#157.
    alrra committed Jun 27, 2013
  4. [apache] Fix rewrite rule conditions for localhost

    Add `localhost` and `127.0.0.1` exceptions to the rewrite rule condi-
    tions that prepend `www.` to URLs, as the current rules prevent users
    from being able to test locally.
    
    Closes h5bp/server-configs#152.
    rwblackburn committed with alrra Jun 7, 2013
  5. [apache] Add `includeSubDomains` directive to HSTS

    The `includeSubDomains` optional directive allows the user to apply the
    `HTTP Strict Transport Security` rule to all of the site's subdomains:
    * http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-14#section-6.1
    * https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
    
    Ref: h5bp/server-configs#151
    Thomas Parisot committed with alrra May 29, 2013
  6. [lighttpd] Security enhancements

    - Avoid revealing the server name and version number
    - Disable directory listing
    
    Ref: h5bp/server-configs#150
    Ekman committed with alrra May 28, 2013
  7. Update README.md

    alrra committed Apr 19, 2013
  8. [nginx] Remove `text/html` from `gzip_types`

    Fix: #144.
    alrra committed Apr 2, 2013
Commits on Apr 1, 2013
  1. nginx.conf: repair broken log format (someone had swapped two variabl…

    …es around, breaking the intended apache log format compatibility)
    
    Conflicts:
    	nginx/nginx.conf
    Aitte committed with AD7six Feb 24, 2013
Commits on Mar 29, 2013
  1. Update server configs

    Update some of the server configurations to match
    the ones used in the Apache hypertext access file.
    alrra committed Mar 29, 2013
Commits on Mar 28, 2013
  1. [apache] Add `Open Web App Manifest` configs

    An Open Web App manifest file (having the extension `.webapp`):
    
    * must be served with a `Content-Type` header of
      `application/x-web-app-manifest+json` (this is currently not enforced
      by Firefox but is enforced by the Firefox Marketplace while, Firefox
      OS only checks this if the origin of the page where the user triggers
      the install is different from the origin of the app itself)
    
    * must be UTF-8 encoded in order to be submitted to the Firefox
      Marketplace
    
    * should not be cached (the expires headers for the manifest are usually
      ignored by Firefox but, just to be sure):
    
      "Webapps.jsm <http://mxr.mozilla.org/mozilla-central/source/dom/apps/src/Webapps.jsm>
      sets INHIBIT_CACHING <http://mxr.mozilla.org/mozilla-central/source/netwerk/base/public/nsIRequest.idl#141>
      when it downloads the manifest, which prevents Firefox from caching it
      so, in theory the Firefox app runtime won't take expires headers into
      consideration. However, INHIBIT_CACHING doesn't prevent the runtime
      from using an entry in the cache if it exists so, if you load the
      manifest yourself, f.e. to see what it looks like, while developing
      your app, Firefox might cache it, and Webapps.jsm might then get the
      cached version.
      ...
      Webapps.jsm is the implementation of the DOMApplicationRegistry that
      is responsible for managing app records, including their manifests"
    
                                ~ thanks to @mykmelez for the explanation ~
    
    * is a JSON file so, it can be compressed (the manifest validator
      <https://marketplace.firefox.com/developers/validator>, doesn't seem
      to mind)
    
    * doesn't need any of the extra headers (e.g.:`Content-Security-Policy`,
      `X-UA-Compatible`, etc.)
    
    Reference: https://developer.mozilla.org/en-US/docs/Apps/Manifest
    alrra committed Mar 28, 2013
Commits on Mar 27, 2013
  1. [apache] Consistency changes

    * Use consistent code indentation (4 spaces, 2 seems cluttered).
    * Maintain the same arrangement style for all group directives.
    alrra committed Mar 27, 2013
  2. [apache] Update code comments

    * Provide more meaningful comments and remove the superfluous ones.
    * Remove / replace outdated URLs.
    alrra committed Mar 26, 2013
  3. [apache] Remove all `php` configurations

    The php directives have been included in the Apache hypertext access
    file more as helpful information then to be used out of the box.
    
    Nowadays, the use of the directives is highly dependent on the php
    version and the way in witch php is integrated with Apache. This makes
    them less usefull by default and just extra code to remove for both
    the people that don't use php and the ones that do (especially a newer
    version).
    
    Reference: h5bp/server-configs#140
    alrra committed Mar 24, 2013
  4. [apache] Add comment about font MIME types

    Browsers usually ignore the font MIME types and sniff the content but,
    Chrome, shows a warning if TrueType / Opentype fonts aren't served with
    the `application/x-font-ttf` / `font/opentype` MIME type.
    
    References:
    * h5bp/html5-boilerplate#1317
    * http://mimesniff.spec.whatwg.org/#matching-a-font-type-pattern
    alrra committed Mar 21, 2013
  5. [apache] Remove `php_flag register_globals Off`

    The `register_globals` directive is not required anymore as it
    defaults to `off` starting with PHP 4.2.0, is deprecated as of
    PHP 5.3.0 and removed as of PHP 5.4.0:
    http://www.php.net/manual/en/ini.core.php#ini.register-globals
    
    Also, support for PHP 4 has been discontinued since 2007-12-31:
    http://php.net/releases/index.php
    alrra committed Mar 18, 2013
  6. [apache] Update the `Custom 404 page` section

    - Provide a more meaningful description.
    - Comment out the `ErrorDocument` directive as this project doesn't
      offer the custom 404 page like other projects do.
    alrra committed Mar 2, 2013
  7. Remove all white spaces

    alrra committed Mar 1, 2013
  8. [iis] Fix JavaScript not being gzipped

    IIS requires the MIME type of JavaScript set to `text/javascript`
    in order for gzip compression to kick in. For further details, see:
    http://coderjournal.com/2008/04/iis-7-compress-javascript-gzip/
    
    Fix h5bp/server-configs#45
    Ref h5bp/server-configs#141
    mozmorris committed with alrra Mar 27, 2013