Daniel Micay
|
6aeda1a29e
|
nginx: remove redundant tcp_nodelay option
|
2021-04-16 13:34:00 -04:00 |
|
Daniel Micay
|
2632df2a2f
|
remove obsolete mask icon redirects
|
2021-04-16 08:42:48 -04:00 |
|
Daniel Micay
|
39c0b55422
|
finish setting up CORP headers and document issues
|
2021-04-15 04:37:25 -04:00 |
|
Daniel Micay
|
56d73685e3
|
avoid breaking image hotlinking for now
|
2021-04-15 04:23:34 -04:00 |
|
Daniel Micay
|
e7f6cff9c2
|
remove legacy mstile redirects
|
2021-04-15 03:23:50 -04:00 |
|
Daniel Micay
|
682c078830
|
simplify error page configuration
|
2021-04-14 23:41:03 -04:00 |
|
Daniel Micay
|
d069da17c8
|
set CORP header for error responses too
|
2021-04-14 23:30:01 -04:00 |
|
Daniel Micay
|
c7d1bdce2e
|
expand same-origin CORP header usage
|
2021-04-14 23:08:44 -04:00 |
|
Daniel Micay
|
2f61719328
|
mark js/mjs as immutable too
|
2021-04-11 23:28:04 -04:00 |
|
Daniel Micay
|
42c521e38b
|
expand same-origin CORP header usage
|
2021-03-31 14:50:36 -04:00 |
|
Daniel Micay
|
150b04c601
|
start deploying same-origin CORP conservatively
|
2021-03-30 13:17:46 -04:00 |
|
Daniel Micay
|
43949eb637
|
move static site root to /srv
|
2021-03-30 10:58:04 -04:00 |
|
Daniel Micay
|
19f1f9b700
|
move mta-sts data to /srv
|
2021-03-29 17:08:02 -04:00 |
|
Daniel Micay
|
ba1047b121
|
set immutable for woff2 cache headers
|
2021-03-27 09:05:58 -04:00 |
|
Daniel Micay
|
54845bd077
|
update naming for Roboto fonts
|
2021-03-27 09:02:36 -04:00 |
|
Daniel Micay
|
c3cd0bf24a
|
set immutable for CSS cache header
|
2021-03-26 21:25:30 -04:00 |
|
Daniel Micay
|
342a31c06c
|
automate CSS/JS cache busting
|
2021-03-26 21:03:34 -04:00 |
|
Daniel Micay
|
6160770d00
|
force cache revalidation for (unversioned) html
|
2021-03-26 19:32:22 -04:00 |
|
Daniel Micay
|
3cfe562892
|
enforce strict Trusted Types without policies
|
2021-03-26 13:44:32 -04:00 |
|
Daniel Micay
|
a0d93f3375
|
explicitly set SameSite for preload session cookie
|
2021-03-23 10:46:50 -04:00 |
|
Daniel Micay
|
a3b9058e10
|
work around legacy CSP handling by AV/extensions
|
2021-03-21 11:21:28 -04:00 |
|
Daniel Micay
|
aae0ac8edf
|
replace legacy /install redirect
|
2021-03-06 22:38:39 -05:00 |
|
Daniel Micay
|
d12871ad4a
|
add grapheneos.ovh domain
|
2021-03-01 11:48:03 -05:00 |
|
Daniel Micay
|
0ebc070231
|
fix redirect of mangled backlinks
|
2021-02-23 22:32:03 -05:00 |
|
Daniel Micay
|
038af56748
|
add svg logo to initial preload/push
|
2021-02-20 12:27:19 -05:00 |
|
Daniel Micay
|
f298ee4b2b
|
use once per session preload / push
|
2021-02-15 04:23:56 -05:00 |
|
Daniel Micay
|
ba302d9f86
|
use a single Link header for preloading
|
2021-02-15 03:41:54 -05:00 |
|
Daniel Micay
|
0c006f9afd
|
add preload headers for core fonts
|
2021-02-15 03:25:22 -05:00 |
|
Daniel Micay
|
08affd9558
|
make redirects more robust
|
2021-02-15 02:27:42 -05:00 |
|
Daniel Micay
|
e5fd95c5ff
|
use relative include for security headers
|
2021-02-14 09:29:59 -05:00 |
|
Daniel Micay
|
796bb82e8f
|
fix broken double slash redirect
nginx doesn't sanitize input to statements like return.
|
2021-02-14 09:19:04 -05:00 |
|
Daniel Micay
|
997f062ac6
|
add brotli static configuration
|
2021-02-14 00:45:30 -05:00 |
|
Daniel Micay
|
87e5622def
|
switch to nginx user
|
2021-02-14 00:44:46 -05:00 |
|
Daniel Micay
|
2c3b0f28c0
|
add redirects to handle reversed order for install
|
2021-01-27 20:55:52 -05:00 |
|
Daniel Micay
|
ff49f1000d
|
add mjs extension to nginx configuration
|
2021-01-27 20:29:33 -05:00 |
|
Daniel Micay
|
57f77c96cb
|
drop support for obsolete Feature-Policy header
This has been replaced by Permissions-Policy.
|
2021-01-26 10:58:00 -05:00 |
|
Daniel Micay
|
154a0ee9dc
|
fix typo in URL
|
2021-01-25 09:16:34 -05:00 |
|
Daniel Micay
|
4ff446e2d4
|
create an install directory with an index page
|
2021-01-24 11:27:08 -05:00 |
|
Daniel Micay
|
548b13c09d
|
temporarily disable Trusted Types for web-install
This can be enabled again when the zip library supports it.
|
2021-01-23 20:56:05 -05:00 |
|
Daniel Micay
|
498e250eb2
|
allow search engines to index /web-install
|
2021-01-23 04:07:11 -05:00 |
|
Daniel Micay
|
795e3e2fdc
|
increase types_hash_max_size to 4096
|
2021-01-20 10:19:04 -05:00 |
|
Daniel Micay
|
fadb840633
|
add grapheneos.info domain
|
2021-01-16 17:38:20 -05:00 |
|
Daniel Micay
|
1b0c6ea5e4
|
add grapheneos.com domain
|
2021-01-15 13:54:57 -05:00 |
|
Daniel Micay
|
ee25be54bf
|
use more permissive X-Robots-Tag for web-install
|
2021-01-07 11:00:37 -05:00 |
|
Daniel Micay
|
fe063f50fe
|
add foundation for WebUSB-based install page
|
2021-01-05 05:34:45 -05:00 |
|
Daniel Micay
|
011af9527f
|
add redirects for URLs with extra slashes
|
2021-01-01 23:43:08 -05:00 |
|
Daniel Micay
|
a2a29e3809
|
set up nginx stub_status module
|
2021-01-01 03:01:51 -05:00 |
|
Daniel Micay
|
d0f56dc6ab
|
document deprecated/obsolete headers
|
2020-12-31 21:31:07 -05:00 |
|
Daniel Micay
|
3ad973636d
|
exact match for broken replacement character URL
|
2020-12-31 20:26:03 -05:00 |
|
Daniel Micay
|
469e30fbd9
|
only match end of path for brotli/gzip location
|
2020-12-31 20:17:25 -05:00 |
|