Nginx HTTP server boilerplate configs
ssl_prefer_server_ciphers
to off
by @avj in https://github.com/h5bp/server-configs-nginx/pull/328
browsing-topics
to Permissions-Policy
header by @dmarti in https://github.com/h5bp/server-configs-nginx/pull/323
Full Changelog: https://github.com/h5bp/server-configs-nginx/compare/5.0.0...5.0.1
Cache-Control
definition and usage
Cache-Control
boilerplate with extensive control by @LeoColomb in https://github.com/h5bp/server-configs-nginx/pull/319
no-cache
directive on cache expiration config by @allantatter in https://github.com/h5bp/server-configs-nginx/pull/314
expires
map by @LeoColomb in https://github.com/h5bp/server-configs-nginx/pull/324
image/avif-sequence
MIME-type in https://github.com/h5bp/server-configs-nginx/commit/4bc5275d5a3fdb34e6298240db7215c3270a916e
Full Changelog: https://github.com/h5bp/server-configs-nginx/compare/4.2.0...5.0.0
.ico
files [537a0229a1bfa89ebc983aa0d78b62cb6998a997]Recommended reading: https://www.nginx.com/blog/avoiding-top-10-nginx-configuration-mistakes/
X-UA-Compatible
and X-XSS-Protection
headers) [4556277] [836467c]Permissions-Policy
header [36310b9]Content-Security-Policy
disallow 'object-src' by default [8600df1]image/jxl
[b9ef881]image/avif
and image/avifs
[a9aea70]image/apng
[ba4967f]strict-origin-when-cross-origin
[e0724b814952f6aee3c09dd578480c9c143955ae]Cache-Control: no-transform
usage [bc39e4c07d23edfc0acd3c11de88e95af5880eee]Cache-Control: no-transform
usage [282d979]basic.conf
includes [29ff09a]resolver
[28874c3]sites-enabled
/available
to conf.d
[306af367e97a5f177b8bc479cef416fef2508732]h5bp/
directives to strict atomic structure [496af1cfd535d472d8bbd2db0a322f988803741b] [2d135053cbd96e1e74884e4395c3163b8a39602f]1b2b4eb...d2531ac
]add_header
directives with expires
directives [135d093a7505a72810156760b23b1f03e18c8b0a]inline
script [8a4a1ce706eb90d820f6a2ccaa23f5f55e6c056e]