Skip to content

Instantly share code, notes, and snippets.

@douglasjunior
Created May 14, 2024 23:07
Show Gist options
  • Save douglasjunior/8be14c88fce2ac3b07f559112d29b0c8 to your computer and use it in GitHub Desktop.
Save douglasjunior/8be14c88fce2ac3b07f559112d29b0c8 to your computer and use it in GitHub Desktop.
Nginx config for SPAs
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
# X-Frame-Options is to prevent from clickJacking attack
add_header X-Frame-Options SAMEORIGIN;
# disable content-type sniffing on some browsers.
add_header X-Content-Type-Options nosniff;
# This header enables the Cross-site scripting (XSS) filter
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "no-referrer-when-downgrade";
location /assets {
try_files $uri $uri/;
expires modified 1y;
add_header Cache-Control "public";
access_log off;
}
location /fonts {
try_files $uri $uri/;
expires modified 1y;
add_header Cache-Control "public";
access_log off;
}
location / {
try_files $uri $uri/ /index.html;
expires -1;
add_header Cache-Control "no-store, no-cache, must-revalidate";
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment