fix: add security headers and no-cache for index.html in nginx config
- X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy - Prevent caching index.html so SPA updates are always picked up - Add engines field (node >=18) and lint:fix script to package.json
This commit is contained in:
@@ -537,7 +537,8 @@
|
|||||||
## Item #50
|
## Item #50
|
||||||
- **Date:** 2026-02-12
|
- **Date:** 2026-02-12
|
||||||
- **Priority:** medium
|
- **Priority:** medium
|
||||||
- **Status:** pending
|
- **Status:** done
|
||||||
|
- **Completed:** 2026-02-13 — commit `f09482e`
|
||||||
- **Description:** Multi-tab — split view for 2 sessions side by side
|
- **Description:** Multi-tab — split view for 2 sessions side by side
|
||||||
- Allow viewing 2 sessions simultaneously in a split pane layout
|
- Allow viewing 2 sessions simultaneously in a split pane layout
|
||||||
- Drag-to-resize divider between panes
|
- Drag-to-resize divider between panes
|
||||||
|
|||||||
15
nginx.conf
15
nginx.conf
@@ -4,16 +4,29 @@ server {
|
|||||||
root /usr/share/nginx/html;
|
root /usr/share/nginx/html;
|
||||||
index index.html;
|
index index.html;
|
||||||
|
|
||||||
|
# Security headers
|
||||||
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
|
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
|
||||||
|
add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
try_files $uri $uri/ /index.html;
|
try_files $uri $uri/ /index.html;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Cache static assets
|
# Cache static assets (hashed filenames — safe to cache forever)
|
||||||
location /assets/ {
|
location /assets/ {
|
||||||
expires 1y;
|
expires 1y;
|
||||||
add_header Cache-Control "public, immutable";
|
add_header Cache-Control "public, immutable";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Don't cache index.html (SPA entry point must always be fresh)
|
||||||
|
location = /index.html {
|
||||||
|
add_header Cache-Control "no-cache, no-store, must-revalidate";
|
||||||
|
add_header Pragma "no-cache";
|
||||||
|
add_header Expires "0";
|
||||||
|
}
|
||||||
|
|
||||||
# Gzip
|
# Gzip
|
||||||
gzip on;
|
gzip on;
|
||||||
gzip_types text/plain text/css application/json application/javascript text/xml application/xml text/javascript image/svg+xml;
|
gzip_types text/plain text/css application/json application/javascript text/xml application/xml text/javascript image/svg+xml;
|
||||||
|
|||||||
@@ -30,7 +30,8 @@
|
|||||||
"dev": "vite",
|
"dev": "vite",
|
||||||
"build": "tsc -b && vite build",
|
"build": "tsc -b && vite build",
|
||||||
"lint": "eslint .",
|
"lint": "eslint .",
|
||||||
"preview": "vite preview"
|
"preview": "vite preview",
|
||||||
|
"lint:fix": "eslint . --fix"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@radix-ui/react-collapsible": "^1.1.12",
|
"@radix-ui/react-collapsible": "^1.1.12",
|
||||||
@@ -63,5 +64,8 @@
|
|||||||
"typescript": "~5.9.3",
|
"typescript": "~5.9.3",
|
||||||
"typescript-eslint": "^8.48.0",
|
"typescript-eslint": "^8.48.0",
|
||||||
"vite": "^7.3.1"
|
"vite": "^7.3.1"
|
||||||
|
},
|
||||||
|
"engines": {
|
||||||
|
"node": ">=18"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user