htaccess: https redirect on Upgrade-Insecure-Requests header

[sheet.git] / .htaccess

diff --git a/.htaccess b/.htaccess
index aaebe0cbeb1becbaba529a7c65ad112944b87102..f6a07f70f110e35f4d9aa3821d09ecde1f72152a 100644 (file)
--- a/.htaccess
+++ b/.htaccess
@@ -1,5 +1,6 @@
-Options        -MultiViews
+Options        -MultiViews -Indexes
 DirectoryIndex index.plp
+DirectorySlash Off
 
 RewriteEngine  on
 RewriteBase    /
@@ -12,15 +13,29 @@ RewriteRule ^(vi(?=m$)|.*)           http://sheet.shiar.nl/$1 [R=301]
 RewriteRule ^vim$                    /vi [R=301]
 RewriteRule ^cc$                     /countries [R=301]
 
+# forward to https protocol if requested
+RewriteCond %{HTTPS}                          =off
+RewriteCond %{HTTP:Upgrade-Insecure-Requests} =1
+RewriteRule (.*)                     https://%{HTTP_HOST}/$1  [L]
+
 # serve vim commands when requesting /digraphs.ex as well
 RewriteRule    ^(digraphs)\.ex(/.*)?$ $1.vim$2
 
 # add .plp if a file exists with .plp appended (topdir only)
-RewriteCond    %{REQUEST_FILENAME}.plp  -f
+RewriteCond    %{REQUEST_FILENAME}     !-f
+RewriteCond    %{DOCUMENT_ROOT}/$1.plp  -f
 RewriteRule    ^/*([^/]+)(.*)           $1.plp$2
 
-# compress html output if accepted by client
-<IfModule deflate_module>
-AddOutputFilterByType DEFLATE text/html
+# replace jpeg images by webp alternatives if supported
+RewriteCond    %{HTTP_ACCEPT}           \bimage/webp
+RewriteCond    %{DOCUMENT_ROOT}/$1.webp -f
+RewriteRule    (.*)\.jpg$               $1.webp
+
+# allow browsers to cache for upto a month
+<IfModule headers_module>
+<FilesMatch "\.(?:css|js|json)$">
+Header set Cache-Control "max-age=2592000"
+Header set Access-Control-Allow-Origin "*"
+</FilesMatch>
 </IfModule>