sosuke.iwabuchi
/
SATE-EasyReceipt
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

htaccess対応

develop
sosuke.iwabuchi 2 years ago
parent
47514c610f
commit
c3c5e855eb
1 changed files with 38 additions and 0 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +38
    -0
      public/.htaccess

+ 38
- 0
public/.htaccess View File

@@ -5,6 +5,30 @@

RewriteEngine On

# 環境判定判定
SetEnvIf HOST "^.*easyreceipt.jp$" isProduction=yes
SetEnvIf HOST "15.152.238.14" isStaging=yes
SetEnvIf HOST "^localhost.*$" isLocal=yes

# SSL強制
RewriteCond %{ENV:isProduction} yes
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# SSL強制のキャッシュ
Header set "Strict-Transport-Security" "max-age=86400" env=isProduction
Header unset X-Powered-By

Header set "Content-Security-Policy" "default-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: api.iconify.design;font-src 'self' fonts.gstatic.com;frame-ancestors 'none';form-action 'self';connect-src 'self' https:" env=isProduction
Header set "Content-Security-Policy" "default-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com;img-src 'self' data: api.iconify.design;font-src 'self' fonts.gstatic.com;frame-ancestors 'none';form-action 'self';connect-src 'self' https:" env=isStaging

Header set "X-Frame-Options" "deny" env=isProduction
Header set "X-Frame-Options" "deny" env=isStaging

Header set "Cache-Control" "no-cache, no-store, must-revalidate"
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
@@ -18,4 +42,18 @@
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]

# 以下、ファイルアクセス
# リソース判定
SetEnvIf Request_URI "^\/static\/js\/.+\.js$" isJsFile=yes
SetEnvIf Request_URI "^\/static\/css\/.+\.css$" isCssFile=yes
SetEnvIf Request_URI "^\/fonts\/.+$" isFontFile=yes

Header set "Cache-Control" "private, no-cache" env=isJsFile
Header set "Cache-Control" "private, no-cache" env=isCssFile
Header set "Cache-Control" "private, no-cache" env=isFontFile

Header set "X-Content-Type-Options" "nosniff" env=isProduction
Header set "X-Content-Type-Options" "nosniff" env=isStaging

</IfModule>

Write Preview
Loading…
Cancel
Save