security/hakurei.app
security/hakurei.app
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

use http2_push instead of http2_push_preload

Browse Source 
This avoids needing to conditionally add nopush to each preloaded
resource in the Link header. There's also no support for pushing
JavaScript modules via http2_push_preload since nginx doesn't have
support for rel=modulepreload.
This commit is contained in:
Daniel Micay 2021-12-05 02:48:44 -05:00
parent 27c50cd9a7
commit 7010b230c5
3 changed files with 22 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
nginx/nginx.conf
View File

@ -77,15 +77,26 @@ http {
default 0;
}
map $nopush $preload_resources {
1 "<{{path|/main.css}}>; rel=preload; nopush; as=style; integrity={{integrity|/main.css}}, </fonts/roboto-v29-regular-latin.woff2>; rel=preload; nopush; as=font; crossorigin, </fonts/roboto-v29-bold-latin.woff2>; rel=preload; nopush; as=font; crossorigin, <{{path|/mask-icon.svg}}>; rel=preload; nopush; as=image";
default "<{{path|/main.css}}>; rel=preload; as=style; integrity={{integrity|/main.css}}, </fonts/roboto-v29-regular-latin.woff2>; rel=preload; as=font; crossorigin, </fonts/roboto-v29-bold-latin.woff2>; rel=preload; as=font; crossorigin, <{{path|/mask-icon.svg}}>; rel=preload; as=image";
}
map $nopush $push_cookie {
0 "__Host-preload=1; HttpOnly; Secure; SameSite=Lax; Path=/";
}
map $nopush $push_stylesheet {
0 "{{path|/main.css}}";
}
map $nopush $push_font_regular {
0 /fonts/roboto-v29-regular-latin.woff2;
}
map $nopush $push_font_bold {
0 /fonts/roboto-v29-bold-latin.woff2;
}
map $nopush $push_mask_icon {
0 "{{path|/mask-icon.svg}}";
}
server {
listen 80 backlog=4096;
listen [::]:80 backlog=4096;

7
nginx/snippets/preload.conf
View File

@ -1,3 +1,6 @@
add_header Link $preload_resources always;
add_header Link "<{{path|/main.css}}>; rel=preload; as=style; integrity={{integrity|/main.css}}, </fonts/roboto-v29-regular-latin.woff2>; rel=preload; as=font; crossorigin, </fonts/roboto-v29-bold-latin.woff2>; rel=preload; as=font; crossorigin, <{{path|/mask-icon.svg}}>; rel=preload; as=image" always;
add_header Set-Cookie $push_cookie always;
http2_push_preload on;
http2_push $push_stylesheet;
http2_push $push_font_regular;
http2_push $push_font_bold;
http2_push $push_mask_icon;

2
process-static
View File

@ -41,7 +41,7 @@ for file in static-tmp/**/*.css static-tmp/js/*.js static-tmp/mask-icon.svg; do
replace+=";s@{{path|/${file#*/}}}@/${dest#*/}@g"
done
sed -i "$replace" static-tmp/**/*.html nginx-tmp/nginx.conf
sed -i "$replace" static-tmp/**/*.html nginx-tmp/nginx.conf nginx-tmp/snippets/preload.conf
gixy nginx-tmp/nginx.conf