2021-06-06 02:02:22 +03:00
|
|
|
# This is the file that generates and deploys https://www.roc-lang.org,
|
|
|
|
|
# which is served on Netlify.
|
|
|
|
|
#
|
|
|
|
|
# Netlify's docs for how this configuration file works:
|
|
|
|
|
# https://docs.netlify.com/routing/headers/#syntax-for-the-netlify-configuration-file
|
|
|
|
|
[build]
|
|
|
|
|
publish = "build/"
|
2022-03-01 03:39:06 +03:00
|
|
|
command = "bash netlify.sh"
|
2022-03-03 02:45:55 +03:00
|
|
|
# Always build on push - see https://answers.netlify.com/t/builds-cancelled-for-a-new-branch-due-to-no-content-change/17169/2
|
|
|
|
|
ignore = "/bin/false"
|
2021-06-06 02:02:22 +03:00
|
|
|
|
|
|
|
|
[[headers]]
|
|
|
|
|
for = "/*"
|
|
|
|
|
[headers.values]
|
|
|
|
|
X-Frame-Options = "DENY"
|
|
|
|
|
X-XSS-Protection = "1; mode=block"
|
2023-11-11 04:16:58 +03:00
|
|
|
X-Content-Type-Options = "nosniff"
|
|
|
|
|
# Firefox prefetch requires some cache-control to be set
|
|
|
|
|
# See https://bugzilla.mozilla.org/show_bug.cgi?id=1527334
|
|
|
|
|
Cache-Control = "public, max-age=1200"
|
|
|
|
|
|
|
|
|
|
[[headers]]
|
|
|
|
|
for = "/packages/*"
|
|
|
|
|
[headers.values]
|
|
|
|
|
X-Frame-Options = "DENY"
|
|
|
|
|
X-XSS-Protection = "1; mode=block"
|
|
|
|
|
X-Content-Type-Options = "nosniff"
|
2022-03-03 07:58:06 +03:00
|
|
|
# unsafe-eval is needed for wasm compilation in the repl to work on Safari and Chrome;
|
|
|
|
|
# otherwise they block it.
|
|
|
|
|
# TODO figure out how to tell Netlify to apply that policy only to the repl, not to everything.
|
2022-11-18 18:09:02 +03:00
|
|
|
#
|
|
|
|
|
# This style-src hash is to permit the <style> in the favicon so it looks good in both light and
|
|
|
|
|
# dark mode. Favicons can only do this using inline <style> tags, so this exception is needed!
|
2022-11-19 12:51:10 +03:00
|
|
|
#
|
|
|
|
|
# When changing the favicon's <style>, generate a new hash and put it here using:
|
|
|
|
|
#
|
2022-11-19 13:50:19 +03:00
|
|
|
# $ echo -n "polygon{fill:#7d59dd}@media (prefers-color-scheme: dark){polygon{fill:#9c7bea}}" | openssl dgst -sha256 -binary | openssl enc -base64
|
2022-11-19 12:51:10 +03:00
|
|
|
#
|
|
|
|
|
# Details on how this works: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src
|
2023-11-03 04:07:43 +03:00
|
|
|
#
|
2023-11-03 15:27:11 +03:00
|
|
|
# Also note that the sha256 in the script-src is for the <script> in the <head>
|
|
|
|
|
# which removes the 'no-js' class. When changing it, use:
|
|
|
|
|
#
|
|
|
|
|
# $ echo -n "document.documentElement.className = document.documentElement.className.replace('no-js', '');" | openssl dgst -sha256 -binary | openssl enc -base64
|
|
|
|
|
#
|
|
|
|
|
# In both cases, the sha256 should be in this format: 'sha256-MySha256GoesHere'
|
2023-11-11 04:16:58 +03:00
|
|
|
Content-Security-Policy = "default-src 'self'; img-src *; script-src 'self' 'sha256-glHRII/7b3zzlpV/fHgyDU43eehue/Hg2K6Ihbt7o6Q='; style-src 'self' 'sha256-07CmErfGgav8i4u4UOrGznokE/Q4Cax2Kmj7zGcW4l8=' 'unsafe-inline';"
|
2022-09-01 21:17:51 +03:00
|
|
|
# Firefox prefetch requires some cache-control to be set
|
|
|
|
|
# See https://bugzilla.mozilla.org/show_bug.cgi?id=1527334
|
|
|
|
|
Cache-Control = "public, max-age=1200"
|
2021-06-06 02:02:22 +03:00
|
|
|
|
2023-11-03 05:59:41 +03:00
|
|
|
[[headers]]
|
|
|
|
|
for = "/fonts/*"
|
|
|
|
|
|
|
|
|
|
[headers.values]
|
|
|
|
|
# Preloading fonts requires CORS headers for some reason
|
|
|
|
|
Access-Control-Allow-Origin = "*"
|
|
|
|
|
|
2021-06-06 02:02:22 +03:00
|
|
|
# Redirect roc-lang.org/authors to the AUTHORS file in this repo
|
|
|
|
|
#
|
|
|
|
|
# This is referenced in the LICENSE file, which says to see roc-lang.org/authors
|
|
|
|
|
# for a list of authors!
|
|
|
|
|
[[redirects]]
|
|
|
|
|
from = "/authors"
|
2022-06-27 18:26:41 +03:00
|
|
|
to = "https://raw.githubusercontent.com/roc-lang/roc/main/AUTHORS"
|
2021-06-06 02:02:22 +03:00
|
|
|
force = true
|
2022-06-27 18:26:41 +03:00
|
|
|
status = 200
|
