SecureBitChat/securebit-chat
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
4b8c8829f129ffef794e6d9d3600e5aa75f58e1d
securebit-chat/.htaccess
lockbitchat 4b8c8829f1
Some checks failed
CodeQL Analysis / Analyze CodeQL (push) Has been cancelled
Details
Deploy Application / deploy (push) Has been cancelled
Details
Mirror to Codeberg / mirror (push) Has been cancelled
Details
Mirror to PrivacyGuides / mirror (push) Has been cancelled
Details
Fix CSP errors, MIME types, and Service Worker issues 
- Move CSP frame-ancestors and report-uri to HTTP headers
- Fix font-src to allow fonts.gstatic.com
- Add MIME type configuration for .jsx files
- Improve Service Worker error handling with cache fallback
- Rebuild application
2026-01-06 23:01:32 -04:00

200 lines
6.1 KiB
ApacheConf
Raw Blame History

# SecureBit.chat - Apache Configuration
# Comprehensive caching configuration for forced updates
# ============================================
# MIME TYPES - MUST BE FIRST (before other rules)
# ============================================
# Critical: Set MIME types BEFORE any other rules to ensure correct Content-Type headers
<IfModule mod_mime.c>
# JavaScript modules - explicit order matters
AddType application/javascript .jsx
AddType application/javascript .mjs
AddType application/javascript .js
AddType application/json .json
# Fonts
AddType font/woff .woff
AddType font/woff2 .woff2
AddType application/font-woff .woff
AddType application/font-woff2 .woff2
# Service Worker
AddType application/manifest+json .webmanifest
</IfModule>
# Force Content-Type headers (override any server defaults)
<IfModule mod_headers.c>
# All JavaScript files including JSX - CRITICAL for ES modules
<FilesMatch "\.(js|mjs|jsx)$">
Header always set Content-Type "application/javascript; charset=utf-8"
</FilesMatch>
</IfModule>
# Enable mod_rewrite
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
</IfModule>
# ============================================
# CRITICAL FILES - NO CACHING
# ============================================
# meta.json - versioning file (never cache)
<FilesMatch "meta\.json$">
<IfModule mod_headers.c>
Header set Cache-Control "no-cache, no-store, must-revalidate, max-age=0"
Header set Pragma "no-cache"
Header set Expires "0"
Header set X-Content-Type-Options "nosniff"
</IfModule>
</FilesMatch>
# HTML files - always fresh
<FilesMatch "\.(html|htm)$">
<IfModule mod_headers.c>
Header set Cache-Control "no-cache, no-store, must-revalidate, max-age=0"
Header set Pragma "no-cache"
Header set Expires "0"
# Remove ETag for validation
Header unset ETag
FileETag None
</IfModule>
</FilesMatch>
# Service Worker - no cache
<FilesMatch "sw\.js$">
<IfModule mod_headers.c>
Header set Cache-Control "no-cache, no-store, must-revalidate, max-age=0"
Header set Pragma "no-cache"
Header set Expires "0"
Header set Service-Worker-Allowed "/"
</IfModule>
</FilesMatch>
# manifest.json - no cache
<FilesMatch "manifest\.json$">
<IfModule mod_headers.c>
Header set Cache-Control "no-cache, no-store, must-revalidate, max-age=0"
Header set Pragma "no-cache"
Header set Expires "0"
</IfModule>
</FilesMatch>
# ============================================
# STATIC RESOURCES - AGGRESSIVE CACHING
# ============================================
# JavaScript files in dist/ - no cache (for updates)
<FilesMatch "^dist/.*\.(js|mjs)$">
<IfModule mod_headers.c>
Header set Cache-Control "no-cache, no-store, must-revalidate, max-age=0"
Header set Pragma "no-cache"
Header set Expires "0"
Header set X-Content-Type-Options "nosniff"
</IfModule>
</FilesMatch>
# JavaScript files with hashes in other locations - long cache
<FilesMatch "\.(js|mjs)$">
<IfModule mod_headers.c>
# Files with hashes in name - cache for one year
Header set Cache-Control "public, max-age=31536000, immutable"
Header set X-Content-Type-Options "nosniff"
</IfModule>
</FilesMatch>
# CSS files - long cache
<FilesMatch "\.css$">
<IfModule mod_headers.c>
Header set Cache-Control "public, max-age=31536000, immutable"
</IfModule>
</FilesMatch>
# Images - long cache
<FilesMatch "\.(jpg|jpeg|png|gif|webp|svg|ico)$">
<IfModule mod_headers.c>
Header set Cache-Control "public, max-age=31536000, immutable"
</IfModule>
</FilesMatch>
# Fonts - long cache
<FilesMatch "\.(woff|woff2|ttf|otf|eot)$">
<IfModule mod_headers.c>
Header set Cache-Control "public, max-age=31536000, immutable"
Header set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>
# Audio/Video - long cache
<FilesMatch "\.(mp3|mp4|webm|ogg)$">
<IfModule mod_headers.c>
Header set Cache-Control "public, max-age=31536000, immutable"
</IfModule>
</FilesMatch>
# ============================================
# SECURITY
# ============================================
# XSS Protection
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options "nosniff"
Header set Referrer-Policy "strict-origin-when-cross-origin"
Header set X-Frame-Options "DENY"
</IfModule>
# Content Security Policy (frame-ancestors and report-uri only work in HTTP headers, not meta tags)
<IfModule mod_headers.c>
Header set Content-Security-Policy "frame-ancestors 'none'; report-uri /csp-report; report-to csp-endpoint;"
</IfModule>
# ============================================
# GZIP COMPRESSION
# ============================================
<IfModule mod_deflate.c>
# Compress text files
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json application/xml
# Compress fonts
AddOutputFilterByType DEFLATE font/woff font/woff2 application/font-woff application/font-woff2
</IfModule>
# ============================================
# CLOUDFLARE RULES
# ============================================
# Cloudflare can cache static files, but should not cache:
# - meta.json
# - index.html
# - sw.js
# - manifest.json
# These rules are applied at Cloudflare Page Rules level
# (see CLOUDFLARE_SETUP.md documentation)
# ============================================
# SPA FALLBACK
# ============================================
# If file not found, redirect to index.html (for SPA routing)
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/meta\.json$
RewriteCond %{REQUEST_URI} !^/sw\.js$
RewriteCond %{REQUEST_URI} !^/manifest\.json$
RewriteRule ^(.*)$ /index.html [L]
</IfModule>
# ============================================
# LOGGING (optional)
# ============================================
# Uncomment for debugging
# LogLevel rewrite:trace3
Reference in New Issue View Git Blame Copy Permalink