Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Nginx configuration for SPAs (Single page applications) such as React or Angular
# https://www.zeolearn.com/magazine/setting-caching-headers-for-a-spa-in-nginx-cache
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
# X-Frame-Options is to prevent from clickJacking attack
add_header X-Frame-Options SAMEORIGIN;
# disable content-type sniffing on some browsers.
add_header X-Content-Type-Options nosniff;
# This header enables the Cross-site scripting (XSS) filter
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "no-referrer-when-downgrade";
# Enables response header of "Vary: Accept-Encoding"
gzip_vary on;
location /static/settings.json {
try_files $uri $uri/;
expires -1;
add_header Cache-Control "no-store, no-cache, must-revalidate";
}
location /static {
try_files $uri $uri/;
expires modified 1y;
add_header Cache-Control "public";
access_log off;
}
location / {
try_files $uri $uri/ /index.html;
expires -1;
add_header Cache-Control "no-store, no-cache, must-revalidate";
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment