2022-01-04 07:28:17 +01:00
|
|
|
# angular builds to index.html
|
|
|
|
index index.html;
|
|
|
|
|
|
|
|
# tor onion redirect
|
|
|
|
add_header Onion-Location http://$onion.onion$request_uri;
|
|
|
|
|
|
|
|
# HSTS preload enable
|
|
|
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
|
|
|
|
|
|
|
|
# generate frame configuration from origin header
|
|
|
|
set $frameOptions "DENY";
|
|
|
|
set $contentSecurityPolicy "frame-ancestors 'none'";
|
|
|
|
|
|
|
|
# used for iframes on https://mempool.space/network
|
|
|
|
if ($http_referer ~ ^https://mempool.space/)
|
|
|
|
{
|
|
|
|
set $frameOptions "ALLOW-FROM https://mempool.space";
|
|
|
|
set $contentSecurityPolicy "frame-ancestors https://mempool.space";
|
|
|
|
}
|
|
|
|
# used for iframes on https://mempool.ninja/network
|
|
|
|
if ($http_referer ~ ^https://mempool.ninja/)
|
|
|
|
{
|
|
|
|
set $frameOptions "ALLOW-FROM https://mempool.ninja";
|
|
|
|
set $contentSecurityPolicy "frame-ancestors https://mempool.ninja";
|
|
|
|
}
|
|
|
|
# used for iframes on https://wiz.biz/bitcoin/nodes
|
|
|
|
if ($http_referer ~ ^https://wiz.biz/)
|
|
|
|
{
|
|
|
|
set $frameOptions "ALLOW-FROM https://wiz.biz";
|
|
|
|
set $contentSecurityPolicy "frame-ancestors https://wiz.biz";
|
|
|
|
}
|
|
|
|
|
|
|
|
# restrict usage of frames
|
|
|
|
add_header X-Frame-Options $frameOptions;
|
|
|
|
add_header Content-Security-Policy $contentSecurityPolicy;
|
|
|
|
|
|
|
|
# enable browser and proxy caching
|
|
|
|
add_header Cache-Control "public, no-transform";
|
|
|
|
|
|
|
|
# vary cache if user changes language preference
|
|
|
|
add_header Vary Accept-Language;
|
|
|
|
add_header Vary Cookie;
|
|
|
|
|
|
|
|
# fallback for all URLs i.e. /address/foo /tx/foo /block/000
|
|
|
|
location / {
|
|
|
|
try_files /$lang/$uri /$lang/$uri/ $uri $uri/ /en-US/$uri @index-redirect;
|
|
|
|
expires 10m;
|
|
|
|
}
|
|
|
|
location /resources {
|
|
|
|
try_files /$lang/$uri /$lang/$uri/ $uri $uri/ /en-US/$uri @index-redirect;
|
|
|
|
expires 1h;
|
|
|
|
}
|
|
|
|
location @index-redirect {
|
|
|
|
rewrite (.*) /$lang/index.html;
|
|
|
|
}
|
|
|
|
|
|
|
|
# location block using regex are matched in order
|
|
|
|
|
|
|
|
# used to rewrite resources from /<lang>/ to /en-US/
|
|
|
|
location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|ka|no|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh)/resources/ {
|
|
|
|
rewrite ^/[a-zA-Z-]*/resources/(.*) /en-US/resources/$1;
|
|
|
|
}
|
|
|
|
# used for cookie override
|
|
|
|
location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|ka|no|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh)/ {
|
|
|
|
try_files $uri $uri/ /$1/index.html =404;
|
2022-01-04 09:27:37 +01:00
|
|
|
}
|