From ca24fdebc51df8b61d0204db3f4d72b5a4a11eaf Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 18 May 2021 02:45:10 -0400
Subject: [PATCH] use prefix match for fonts instead of regex

---
 nginx/nginx.conf | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 0067d31e..f5e31702 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -238,6 +238,14 @@ http {
             return 301 /;
         }
 
+        location ^~ /fonts/ {
+            include snippets/security-headers.conf;
+            add_header Cross-Origin-Resource-Policy "same-origin" always;
+            add_header Cache-Control "public, max-age=31536000, immutable";
+            gzip_static off;
+            brotli_static off;
+        }
+
         location ~ "\.webmanifest$" {
             include snippets/security-headers.conf;
             add_header Cross-Origin-Resource-Policy "same-origin" always;
@@ -257,14 +265,6 @@ http {
             add_header Cache-Control "public, max-age=31536000";
         }
 
-        location ~ "\.woff2$" {
-            include snippets/security-headers.conf;
-            add_header Cross-Origin-Resource-Policy "same-origin" always;
-            add_header Cache-Control "public, max-age=31536000, immutable";
-            gzip_static off;
-            brotli_static off;
-        }
-
         location ~ "\.png$" {
             include snippets/security-headers.conf;
             # avoid breaking image hotlinking such as https://github.com/TryGhost/Ghost/issues/12880