-
Notifications
You must be signed in to change notification settings - Fork 26
/
app.yaml
125 lines (105 loc) · 3.35 KB
/
app.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
# Google App Engine application config file tailored to static websites.
# Inspired by: https://github.com/h5bp/server-configs-gae
# Complete documentation can be found here:
# https://developers.google.com/appengine/docs/php/config/appconfig
runtime: python27
api_version: 1
threadsafe: yes
default_expiration: "365d" # 1 year, expiration on GAE is max 1 year
handlers:
# Fonts and images
- url: /(.+\.(eot|otf|tt[cf]|woff2?|cur|gif|ico|jpe?g|png|svgz?|webp))
static_files: \1
upload: (.+\.(eot|otf|tt[cf]|woff2?|cur|gif|ico|jpe?g|png|svgz?|webp))
secure: always
http_headers:
# Allow cross-origin access to web fonts and images
# You can also replace "*" with a specific host, e.g. https://example.org
Access-Control-Allow-Origin: "*"
# CSS, Javascript, JSON and other file types
- url: /cache-config.json
static_files: cache-config.json
upload: cache-config.json
expiration: "0m"
secure: always
http_headers:
Vary: Accept-Encoding
- url: /sw-import.js
static_files: sw-import.js
upload: sw-import.js
expiration: "0m"
secure: always
http_headers:
Vary: Accept-Encoding
- url: /(.+\.(css|js|json|xml))
static_files: \1
upload: (.+\.(css|js|json|xml))
secure: always
http_headers:
Vary: Accept-Encoding
# HTML pages
- url: /404.html
static_files: 404.html
upload: 404.html
expiration: "5m"
secure: always
mime_type: text/html; charset=UTF-8
- url: /elements/(.+\.html)
static_files: elements/\1
upload: elements/(.+\.html)
secure: always
mime_type: text/html; charset=UTF-8
- url: /(.+\.html)
static_files: \1
upload: (.+\.html)
expiration: "5m"
secure: always
mime_type: text/html; charset=UTF-8
http_headers:
# Force Internet Explorer to render pages in the highest available
# mode in the various cases when it may not.
# https://hsivonen.fi/doctype/#ie8
X-UA-Compatible: "IE=edge"
# For more details on how to craft a reasonable policy for your site, read:
# http://www.html5rocks.com/en/tutorials/security/content-security-policy/ (or
# the specification: http://www.w3.org/TR/CSP11/). Also, to make things easier,
# you can use an online CSP header generator such as: http://cspisawesome.com/.
#Content-Security-Policy: "script-src 'self'; object-src 'self'"
# Text files
- url: /humans.txt
static_files: humans.txt
upload: humans.txt
expiration: "5m"
secure: always
- url: /robots.txt
static_files: robots.txt
upload: robots.txt
expiration: "5m"
secure: always
- url: /(.+\.txt)
static_files: \1
upload: (.+\.txt)
secure: always
# Homepage
- url: .*
static_files: index.html
upload: index.html
expiration: "0m"
secure: always
mime_type: text/html; charset=UTF-8
http_headers:
Link: '</themes/default-theme/fonts/Roboto-normal-500.woff>; rel=preload; as=font,
</elements/base-bundle.html>; rel=preload; as=document,
</cache-config.json>; rel=preload; as=json,
</elements/base-bundle.js>; rel=preload; as=script,
</scripts/app.min.js>; rel=preload; as=script,
</bower_components/platinum-sw/service-worker.js>; rel=preload; as=script,
</sw-import.js>; rel=preload; as=script'
X-UA-Compatible: "IE=edge"
#Content-Security-Policy: "script-src 'self'; object-src 'self'"
skip_files:
- ^(.*/)?app\.yaml
- ^(.*/)?app\.yml
- ^(.*/)?#.*#
- ^(.*/)?.*~
- ^(.*/)?.*\.py[co]