Changeset 708057
- Timestamp:
- 05/05/2013 03:29:28 AM (13 years ago)
- Location:
- roots-plug/trunk
- Files:
-
- 4 edited
-
RootsPlug/Cleanup.php (modified) (16 diffs)
-
lib/h5bp-htaccess (modified) (2 diffs)
-
readme.txt (modified) (2 diffs)
-
roots-plug.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
roots-plug/trunk/RootsPlug/Cleanup.php
r678902 r708057 22 22 private $root_rel_filters = array( 23 23 'bloginfo_url', 24 'theme_root_uri',25 'stylesheet_directory_uri',26 'template_directory_uri',27 'plugins_url',28 24 'the_permalink', 29 25 'wp_list_pages', … … 65 61 add_filter( 'template_redirect', array( $this, 'search_redirect' ) ); 66 62 67 if ( !( is_admin() || in_array( $GLOBALS['pagenow'], array( 'wp-login.php', 'wp-register.php' ) ) ) ) {68 69 $this->add_filters( $this->root_rel_filters, array( $this, 'root_relative_url' ) );63 if ( !( is_admin() || in_array( $GLOBALS['pagenow'], array( 'wp-login.php', 'wp-register.php' ) ) ) ) { 64 65 $this->add_filters( $this->root_rel_filters, array( $this, 'root_relative_url' ) ); 70 66 } 71 67 … … 79 75 * Originally from http://wpengineer.com/1438/wordpress-header/ 80 76 */ 81 //remove_action( 'wp_head', 'feed_links', 2);82 remove_action( 'wp_head', 'feed_links_extra', 3);83 remove_action( 'wp_head', 'rsd_link');84 remove_action( 'wp_head', 'wlwmanifest_link');85 remove_action( 'wp_head', 'adjacent_posts_rel_link_wp_head', 10, 0);86 remove_action( 'wp_head', 'wp_generator');87 remove_action( 'wp_head', 'wp_shortlink_wp_head', 10, 0);77 //remove_action( 'wp_head', 'feed_links', 2); 78 remove_action( 'wp_head', 'feed_links_extra', 3 ); 79 remove_action( 'wp_head', 'rsd_link' ); 80 remove_action( 'wp_head', 'wlwmanifest_link' ); 81 remove_action( 'wp_head', 'adjacent_posts_rel_link_wp_head', 10, 0 ); 82 remove_action( 'wp_head', 'wp_generator' ); 83 remove_action( 'wp_head', 'wp_shortlink_wp_head', 10, 0 ); 88 84 89 85 global $wp_widget_factory; 90 remove_action( 'wp_head', array($wp_widget_factory->widgets['WP_Widget_Recent_Comments'], 'recent_comments_style'));91 92 add_filter( 'use_default_gallery_style', '__return_null');86 remove_action( 'wp_head', array( $wp_widget_factory->widgets['WP_Widget_Recent_Comments'], 'recent_comments_style' ) ); 87 88 add_filter( 'use_default_gallery_style', '__return_null' ); 93 89 94 90 /** 95 91 * Remove the WordPress version from RSS feeds 96 92 */ 97 add_filter( 'the_generator', '__return_false');93 add_filter( 'the_generator', '__return_false' ); 98 94 99 95 … … 109 105 public function clean_style_tag( $input ) { 110 106 111 preg_match_all( "!<link rel='stylesheet'\s?(id='[^']+' )?\s+href='(.*)' type='text/css' media='(.*)' />!", $input, $matches );107 preg_match_all( "!<link rel='stylesheet'\s?(id='[^']+' )?\s+href='(.*)' type='text/css' media='(.*)' />!", $input, $matches ); 112 108 // Only display media if it's print 113 109 $media = $matches[3][0] === 'print' ? ' media="print"' : ''; … … 129 125 $output = ''; 130 126 131 if (function_exists( 'is_rtl')) {132 if (is_rtl() == 'rtl' ) {127 if (function_exists( 'is_rtl' ) ) { 128 if (is_rtl() == 'rtl' ) { 133 129 $attributes[] = 'dir="rtl"'; 134 130 } 135 131 } 136 132 137 $lang = get_bloginfo( 'language');138 139 if ($lang && $lang !== 'en-US' ) {133 $lang = get_bloginfo( 'language' ); 134 135 if ($lang && $lang !== 'en-US' ) { 140 136 $attributes[] = "lang=\"$lang\""; 141 137 } else { … … 143 139 } 144 140 145 $output = implode( ' ', $attributes);141 $output = implode( ' ', $attributes); 146 142 $output = apply_filters( __METHOD__, $output); 147 143 … … 156 152 * 157 153 * You can enable/disable this feature in config.php: 158 * current_theme_supports( 'root-relative-urls');154 * current_theme_supports( 'root-relative-urls' ); 159 155 * 160 156 * @author Scott Walkinshaw <scott.walkinshaw@gmail.com> … … 163 159 */ 164 160 public function root_relative_url( $input ) { 165 // fix for site_url != home_url() 166 if( !is_admin() && site_url() != home_url() && stristr($input, 'wp-includes') === false ) { 167 $input = str_replace(site_url(), "", $input); 168 } 169 170 $output = preg_replace_callback( 171 '!(https?://[^/|"]+)([^"]+)?!', 172 create_function( 173 '$matches', 174 // If full URL is home_url("/") and this isn't a subdir install, return a slash for relative root 175 'if (isset($matches[0]) && $matches[0] === home_url("/") && str_replace("http://", "", home_url("/", "http"))==$_SERVER["HTTP_HOST"]) { return "/";' . 176 // If domain is equal to home_url("/"), then make URL relative 177 '} elseif (isset($matches[0]) && strpos($matches[0], home_url("/")) !== false) { return $matches[2];' . 178 // If domain is not equal to home_url("/"), do not make external link relative 179 '} else { return $matches[0]; };' 180 ), 181 $input 182 ); 183 184 // detect and correct for subdir installs 185 if( $subdir = parse_url( home_url(), PHP_URL_PATH ) ) { 186 if( substr($output, 0, strlen( $subdir ) ) == ( substr( $output, strlen( $subdir ), strlen( $subdir ) ) ) ) { 187 $output = substr( $output, strlen( $subdir ) ); 188 } 189 } 161 162 $output = wp_make_link_relative($input); 190 163 191 164 return $output; … … 202 175 203 176 // Add post/page slug 204 if ( is_single() || is_page() && !is_front_page()) {205 $classes[] = basename(get_permalink() );177 if ( is_single() || is_page() && !is_front_page() ) { 178 $classes[] = basename(get_permalink() ); 206 179 } 207 180 208 181 // Remove unnecessary classes 209 $home_id_class = 'page-id-' . get_option( 'page_on_front');182 $home_id_class = 'page-id-' . get_option( 'page_on_front' ); 210 183 $remove_classes = array( 211 184 'page-template-default', 212 185 $home_id_class 213 186 ); 214 $classes = array_diff( $classes, $remove_classes);187 $classes = array_diff( $classes, $remove_classes ); 215 188 216 189 return $classes; … … 225 198 public function remove_dashboard_widgets() { 226 199 227 remove_meta_box( 'dashboard_incoming_links', 'dashboard', 'normal');228 remove_meta_box( 'dashboard_plugins', 'dashboard', 'normal');229 remove_meta_box( 'dashboard_primary', 'dashboard', 'normal');230 remove_meta_box( 'dashboard_secondary', 'dashboard', 'normal');200 remove_meta_box( 'dashboard_incoming_links', 'dashboard', 'normal' ); 201 remove_meta_box( 'dashboard_plugins', 'dashboard', 'normal' ); 202 remove_meta_box( 'dashboard_primary', 'dashboard', 'normal' ); 203 remove_meta_box( 'dashboard_secondary', 'dashboard', 'normal' ); 231 204 232 205 } … … 241 214 public function remove_self_closing_tags( $input ) { 242 215 243 return str_replace( ' />', '>', $input);216 return str_replace( ' />', '>', $input); 244 217 245 218 } … … 268 241 269 242 $default_tagline = 'Just another WordPress site'; 270 return ( $bloginfo === $default_tagline) ? '' : $bloginfo;243 return ( $bloginfo === $default_tagline ) ? '' : $bloginfo; 271 244 272 245 } … … 290 263 } 291 264 292 if (!isset($arr_registered_widgets[$this_id]) || !is_array($arr_registered_widgets[$this_id]) ) {265 if (!isset($arr_registered_widgets[$this_id]) || !is_array($arr_registered_widgets[$this_id]) ) { 293 266 return $params; 294 267 } 295 268 296 if (isset($my_widget_num[$this_id]) ) {269 if (isset($my_widget_num[$this_id]) ) { 297 270 $my_widget_num[$this_id] ++; 298 271 } else { … … 304 277 if ($my_widget_num[$this_id] == 1) { 305 278 $class .= 'widget-first '; 306 } elseif ($my_widget_num[$this_id] == count($arr_registered_widgets[$this_id]) ) {279 } elseif ($my_widget_num[$this_id] == count($arr_registered_widgets[$this_id]) ) { 307 280 $class .= 'widget-last '; 308 281 } 309 282 310 $params[0]['before_widget'] = preg_replace( '/class=\"/', "$class", $params[0]['before_widget'], 1);283 $params[0]['before_widget'] = preg_replace( '/class=\"/', "$class", $params[0]['before_widget'], 1); 311 284 312 285 return $params; … … 323 296 324 297 global $wp_rewrite; 325 if (!isset($wp_rewrite) || !is_object($wp_rewrite) || !$wp_rewrite->using_permalinks() ) {298 if (!isset($wp_rewrite) || !is_object($wp_rewrite) || !$wp_rewrite->using_permalinks() ) { 326 299 return; 327 300 } 328 301 329 302 $search_base = $wp_rewrite->search_base; 330 if ( is_search() && !is_admin() && strpos($_SERVER['REQUEST_URI'], "/{$search_base}/") === false) {331 wp_redirect( home_url("/{$search_base}/" . urlencode(get_query_var('s'))));303 if ( is_search() && !is_admin() && strpos( $_SERVER['REQUEST_URI'], "/{$search_base}/" ) === false ) { 304 wp_redirect( home_url( "/{$search_base}/" . urlencode( get_query_var( 's' ) ) ) ); 332 305 exit(); 333 306 } … … 344 317 private function add_filters( $tags, $function ) { 345 318 346 foreach( $tags as $tag) {347 add_filter( $tag, $function);319 foreach( $tags as $tag ) { 320 add_filter( $tag, $function ); 348 321 } 349 322 } -
roots-plug/trunk/lib/h5bp-htaccess
r678902 r708057 23 23 ### 24 24 25 26 27 # ---------------------------------------------------------------------- 28 # Better website experience for IE users 29 # ---------------------------------------------------------------------- 30 31 # Force the latest IE version, in various cases when it may fall back to IE7 mode 32 # github.com/rails/rails/commit/123eb25#commitcomment-118920 33 # Use ChromeFrame if it's installed for a better experience for the poor IE folk 25 # ############################################################################## 26 # # CROSS-ORIGIN RESOURCE SHARING (CORS) # 27 # ############################################################################## 28 29 # ------------------------------------------------------------------------------ 30 # | Cross-domain AJAX requests | 31 # ------------------------------------------------------------------------------ 32 33 # Enable cross-origin AJAX requests. 34 # http://code.google.com/p/html5security/wiki/CrossOriginRequestSecurity 35 # http://enable-cors.org/ 36 37 # <IfModule mod_headers.c> 38 # Header set Access-Control-Allow-Origin "*" 39 # </IfModule> 40 41 # ------------------------------------------------------------------------------ 42 # | CORS-enabled images | 43 # ------------------------------------------------------------------------------ 44 45 # Send the CORS header for images when browsers request it. 46 # https://developer.mozilla.org/en/CORS_Enabled_Image 47 # http://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html 48 # http://hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/ 49 50 <IfModule mod_setenvif.c> 51 <IfModule mod_headers.c> 52 <FilesMatch "\.(gif|ico|jpe?g|png|svg|svgz|webp)$"> 53 SetEnvIf Origin ":" IS_CORS 54 Header set Access-Control-Allow-Origin "*" env=IS_CORS 55 </FilesMatch> 56 </IfModule> 57 </IfModule> 58 59 # ------------------------------------------------------------------------------ 60 # | Web fonts access | 61 # ------------------------------------------------------------------------------ 62 63 # Allow access from all domains for web fonts 34 64 35 65 <IfModule mod_headers.c> 36 Header set X-UA-Compatible "IE=edge,chrome=1" 37 # mod_headers can't match by content-type, but we don't want to send this header on *everything*... 38 <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webm|webp|woff|xml|xpi)$"> 39 Header unset X-UA-Compatible 40 </FilesMatch> 41 </IfModule> 42 43 44 # ---------------------------------------------------------------------- 45 # Cross-domain AJAX requests 46 # ---------------------------------------------------------------------- 47 48 # Serve cross-domain Ajax requests, disabled by default. 49 # enable-cors.org 50 # code.google.com/p/html5security/wiki/CrossOriginRequestSecurity 51 52 # <IfModule mod_headers.c> 53 # Header set Access-Control-Allow-Origin "*" 54 # </IfModule> 55 56 57 # ---------------------------------------------------------------------- 58 # CORS-enabled images (@crossorigin) 59 # ---------------------------------------------------------------------- 60 61 # Send CORS headers if browsers request them; enabled by default for images. 62 # developer.mozilla.org/en/CORS_Enabled_Image 63 # blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html 64 # hacks.mozilla.org/2011/11/using-cors-to-load-webgl-textures-from-cross-domain-images/ 65 # wiki.mozilla.org/Security/Reviews/crossoriginAttribute 66 67 <IfModule mod_setenvif.c> 68 <IfModule mod_headers.c> 69 # mod_headers, y u no match by Content-Type?! 70 <FilesMatch "\.(gif|ico|jpe?g|png|svg|svgz|webp)$"> 71 SetEnvIf Origin ":" IS_CORS 72 Header set Access-Control-Allow-Origin "*" env=IS_CORS 66 <FilesMatch "\.(eot|font.css|otf|ttc|ttf|woff)$"> 67 Header set Access-Control-Allow-Origin "*" 73 68 </FilesMatch> 74 </IfModule> 75 </IfModule> 76 77 78 # ---------------------------------------------------------------------- 79 # Webfont access 80 # ---------------------------------------------------------------------- 81 82 # Allow access from all domains for webfonts. 83 # Alternatively you could only whitelist your 84 # subdomains like "subdomain.example.com". 69 </IfModule> 70 71 72 # ############################################################################## 73 # # ERRORS # 74 # ############################################################################## 75 76 # ------------------------------------------------------------------------------ 77 # | 404 error prevention for non-existing redirected folders | 78 # ------------------------------------------------------------------------------ 79 80 # Prevent Apache from returning a 404 error for a rewrite if a directory 81 # with the same name does not exist. 82 # http://httpd.apache.org/docs/current/content-negotiation.html#multiviews 83 # http://www.webmasterworld.com/apache/3808792.htm 84 85 # Options -MultiViews 86 87 88 # ############################################################################## 89 # # INTERNET EXPLORER # 90 # ############################################################################## 91 92 # ------------------------------------------------------------------------------ 93 # | Better website experience | 94 # ------------------------------------------------------------------------------ 95 96 # Force IE to render pages in the highest available mode in the various 97 # cases when it may not: http://hsivonen.iki.fi/doctype/ie-mode.pdf. 98 # Use, if installed, Google Chrome Frame. 85 99 86 100 <IfModule mod_headers.c> 87 <FilesMatch "\.(eot|font.css|otf|ttc|ttf|woff)$"> 88 Header set Access-Control-Allow-Origin "*" 89 </FilesMatch> 90 </IfModule> 91 92 93 # ---------------------------------------------------------------------- 94 # Proper MIME type for all files 95 # ---------------------------------------------------------------------- 96 97 # JavaScript 98 # Normalize to standard type (it's sniffed in IE anyways) 99 # tools.ietf.org/html/rfc4329#section-7.2 100 AddType application/javascript js jsonp 101 AddType application/json json 102 103 # Audio 104 AddType audio/mp4 m4a f4a f4b 105 AddType audio/ogg oga ogg 106 107 # Video 108 AddType video/mp4 mp4 m4v f4v f4p 109 AddType video/ogg ogv 110 AddType video/webm webm 111 AddType video/x-flv flv 112 113 # SVG 114 # Required for svg webfonts on iPad 115 # twitter.com/FontSquirrel/status/14855840545 116 AddType image/svg+xml svg svgz 117 AddEncoding gzip svgz 118 119 # Webfonts 120 AddType application/font-woff woff 121 AddType application/vnd.ms-fontobject eot 122 AddType application/x-font-ttf ttf ttc 123 AddType font/opentype otf 124 125 # Assorted types 126 AddType application/octet-stream safariextz 127 AddType application/x-chrome-extension crx 128 AddType application/x-opera-extension oex 129 AddType application/x-shockwave-flash swf 130 AddType application/x-web-app-manifest+json webapp 131 AddType application/x-xpinstall xpi 132 AddType application/xml rss atom xml rdf 133 AddType image/webp webp 134 AddType image/x-icon ico 135 AddType text/cache-manifest appcache manifest 136 AddType text/vtt vtt 137 AddType text/x-component htc 138 AddType text/x-vcard vcf 139 140 141 # ---------------------------------------------------------------------- 142 # Allow concatenation from within specific js and css files 143 # ---------------------------------------------------------------------- 144 145 # e.g. Inside of script.combined.js you could have 146 # <!--#include file="libs/jquery-1.5.0.min.js" --> 147 # <!--#include file="plugins/jquery.idletimer.js" --> 148 # and they would be included into this single file. 149 150 # This is not in use in the boilerplate as it stands. You may 151 # choose to use this technique if you do not have a build process. 152 153 #<FilesMatch "\.combined\.js$"> 154 # Options +Includes 155 # AddOutputFilterByType INCLUDES application/javascript application/json 156 # SetOutputFilter INCLUDES 157 #</FilesMatch> 158 159 #<FilesMatch "\.combined\.css$"> 160 # Options +Includes 161 # AddOutputFilterByType INCLUDES text/css 162 # SetOutputFilter INCLUDES 163 #</FilesMatch> 164 165 166 # ---------------------------------------------------------------------- 167 # Gzip compression 168 # ---------------------------------------------------------------------- 169 170 <IfModule mod_deflate.c> 171 172 # Force deflate for mangled headers developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping/ 173 <IfModule mod_setenvif.c> 174 <IfModule mod_headers.c> 175 SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding 176 RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding 177 </IfModule> 178 </IfModule> 179 180 # Compress all output labeled with one of the following MIME-types 181 # (for Apache versions below 2.3.7, you don't need to enable `mod_filter` 182 # and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines as 183 # `AddOutputFilterByType` is still in the core directives) 184 <IfModule mod_filter.c> 185 AddOutputFilterByType DEFLATE application/atom+xml \ 186 application/javascript \ 187 application/json \ 188 application/rss+xml \ 189 application/vnd.ms-fontobject \ 190 application/x-font-ttf \ 191 application/xhtml+xml \ 192 application/xml \ 193 font/opentype \ 194 image/svg+xml \ 195 image/x-icon \ 196 text/css \ 197 text/html \ 198 text/plain \ 199 text/x-component \ 200 text/xml 201 </IfModule> 202 203 </IfModule> 204 205 206 # ---------------------------------------------------------------------- 207 # Prevent mobile network providers from modifying your site 208 # ---------------------------------------------------------------------- 209 210 # The following header prevents modification of your code over 3G on some 211 # European providers. 212 # This is the official 'bypass' suggested by O2 in the UK. 213 214 # <IfModule mod_headers.c> 215 # Header set Cache-Control "no-transform" 216 # </IfModule> 217 218 219 # ---------------------------------------------------------------------- 220 # Stop screen flicker in IE on CSS rollovers 221 # ---------------------------------------------------------------------- 222 223 # The following directives stop screen flicker in IE on CSS rollovers - in 224 # combination with the "ExpiresByType" rules for images (see above). 101 Header set X-UA-Compatible "IE=edge,chrome=1" 102 # `mod_headers` can't match based on the content-type, however, we only 103 # want to send this header for HTML pages and not for the other resources 104 <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webapp|webm|webp|woff|xml|xpi)$"> 105 Header unset X-UA-Compatible 106 </FilesMatch> 107 </IfModule> 108 109 # ------------------------------------------------------------------------------ 110 # | Cookie setting from iframes | 111 # ------------------------------------------------------------------------------ 112 113 # Allow cookies to be set from iframes in IE. 114 115 # <IfModule mod_headers.c> 116 # Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"" 117 # </IfModule> 118 119 # ------------------------------------------------------------------------------ 120 # | Screen flicker | 121 # ------------------------------------------------------------------------------ 122 123 # Stop screen flicker in IE on CSS rollovers (this only works in 124 # combination with the `ExpiresByType` directives for images from below). 225 125 226 126 # BrowserMatch "MSIE" brokenvary=1 … … 230 130 231 131 232 # ---------------------------------------------------------------------- 233 # Set Keep-Alive Header 234 # ---------------------------------------------------------------------- 235 236 # Keep-Alive allows the server to send multiple requests through one 237 # TCP-connection. Be aware of possible disadvantages of this setting. Turn on 238 # if you serve a lot of static content. 239 240 # <IfModule mod_headers.c> 241 # Header set Connection Keep-Alive 242 # </IfModule> 243 244 245 # ---------------------------------------------------------------------- 246 # Cookie setting from iframes 247 # ---------------------------------------------------------------------- 248 249 # Allow cookies to be set from iframes (for IE only) 250 # If needed, specify a path or regex in the Location directive. 251 252 # <IfModule mod_headers.c> 253 # Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"" 254 # </IfModule> 255 256 257 # ---------------------------------------------------------------------- 258 # Built-in filename-based cache busting 259 # ---------------------------------------------------------------------- 260 261 # If you're not using the build script to manage your filename version revving, 262 # you might want to consider enabling this, which will route requests for 263 # `/css/style.20110203.css` to `/css/style.css`. 264 265 # To understand why this is important and a better idea than all.css?v1231, 266 # please refer to the bundled documentation about `.htaccess`. 132 # ############################################################################## 133 # # MIME TYPES AND ENCODING # 134 # ############################################################################## 135 136 # ------------------------------------------------------------------------------ 137 # | Proper MIME types for all files | 138 # ------------------------------------------------------------------------------ 139 140 <IfModule mod_mime.c> 141 142 # Audio 143 AddType audio/mp4 m4a f4a f4b 144 AddType audio/ogg oga ogg 145 146 # JavaScript 147 # Normalize to standard type (it's sniffed in IE anyways): 148 # http://tools.ietf.org/html/rfc4329#section-7.2 149 AddType application/javascript js jsonp 150 AddType application/json json 151 152 # Video 153 AddType video/mp4 mp4 m4v f4v f4p 154 AddType video/ogg ogv 155 AddType video/webm webm 156 AddType video/x-flv flv 157 158 # Web fonts 159 AddType application/font-woff woff 160 AddType application/vnd.ms-fontobject eot 161 162 # Browsers usually ignore the font MIME types and sniff the content, 163 # however, Chrome shows a warning if other MIME types are used for the 164 # following fonts. 165 AddType application/x-font-ttf ttc ttf 166 AddType font/opentype otf 167 168 # Make SVGZ fonts work on iPad: 169 # https://twitter.com/FontSquirrel/status/14855840545 170 AddType image/svg+xml svg svgz 171 AddEncoding gzip svgz 172 173 # Other 174 AddType application/octet-stream safariextz 175 AddType application/x-chrome-extension crx 176 AddType application/x-opera-extension oex 177 AddType application/x-shockwave-flash swf 178 AddType application/x-web-app-manifest+json webapp 179 AddType application/x-xpinstall xpi 180 AddType application/xml atom rdf rss xml 181 AddType image/webp webp 182 AddType image/x-icon ico 183 AddType text/cache-manifest appcache manifest 184 AddType text/vtt vtt 185 AddType text/x-component htc 186 AddType text/x-vcard vcf 187 188 </IfModule> 189 190 # ------------------------------------------------------------------------------ 191 # | UTF-8 encoding | 192 # ------------------------------------------------------------------------------ 193 194 # Use UTF-8 encoding for anything served as `text/html` or `text/plain`. 195 AddDefaultCharset utf-8 196 197 # Force UTF-8 for certain file formats. 198 <IfModule mod_mime.c> 199 AddCharset utf-8 .atom .css .js .json .rss .vtt .webapp .xml 200 </IfModule> 201 202 203 # ############################################################################## 204 # # SECURITY # 205 # ############################################################################## 206 207 # ------------------------------------------------------------------------------ 208 # | Content Security Policy (CSP) | 209 # ------------------------------------------------------------------------------ 210 211 # You can mitigate the risk of cross-site scripting and other content-injection 212 # attacks by setting a Content Security Policy which whitelists trusted sources 213 # of content for your site. 214 215 # The example header below allows ONLY scripts that are loaded from the current 216 # site's origin (no inline scripts, no CDN, etc). This almost certainly won't 217 # work as-is for your site! 218 219 # To get all the details you'll need to craft a reasonable policy for your site, 220 # read: http://html5rocks.com/en/tutorials/security/content-security-policy (or 221 # see the specification: http://w3.org/TR/CSP). 222 223 # <IfModule mod_headers.c> 224 # Header set Content-Security-Policy "script-src 'self'; object-src 'self'" 225 # <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webapp|webm|webp|woff|xml|xpi)$"> 226 # Header unset Content-Security-Policy 227 # </FilesMatch> 228 # </IfModule> 229 230 # ------------------------------------------------------------------------------ 231 # | File access | 232 # ------------------------------------------------------------------------------ 233 234 # Block access to directories without a default document. 235 # Usually you should leave this uncommented because you shouldn't allow anyone 236 # to surf through every directory on your server (which may includes rather 237 # private places like the CMS's directories). 238 239 <IfModule mod_autoindex.c> 240 Options -Indexes 241 </IfModule> 242 243 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 244 245 # Block access to hidden files and directories. 246 # This includes directories used by version control systems such as Git and SVN. 247 248 <IfModule mod_rewrite.c> 249 RewriteCond %{SCRIPT_FILENAME} -d [OR] 250 RewriteCond %{SCRIPT_FILENAME} -f 251 RewriteRule "(^|/)\." - [F] 252 </IfModule> 253 254 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 255 256 # Block access to backup and source files. 257 # These files may be left by some text editors and can pose a great security 258 # danger when anyone has access to them. 259 260 <FilesMatch "(^#.*#|\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|sw[op])|~)$"> 261 Order allow,deny 262 Deny from all 263 Satisfy All 264 </FilesMatch> 265 266 # Block access to WordPress files that reveal version information. 267 <FilesMatch "^(wp-config\.php|readme\.html|license\.txt)"> 268 Order allow,deny 269 Deny from all 270 Satisfy All 271 </FilesMatch> 272 273 # ------------------------------------------------------------------------------ 274 # | Secure Sockets Layer (SSL) | 275 # ------------------------------------------------------------------------------ 276 277 # Rewrite secure requests properly to prevent SSL certificate warnings, e.g.: 278 # prevent `https://www.example.com` when your certificate only allows 279 # `https://secure.example.com`. 267 280 268 281 # <IfModule mod_rewrite.c> 269 # RewriteCond %{REQUEST_FILENAME} !-f 270 # RewriteCond %{REQUEST_FILENAME} !-d 271 # RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L] 272 # </IfModule> 273 274 275 # ---------------------------------------------------------------------- 276 # Prevent SSL cert warnings 277 # ---------------------------------------------------------------------- 278 279 # Rewrite secure requests properly to prevent SSL cert warnings, e.g. prevent 280 # https://www.example.com when your cert only allows https://secure.example.com 281 282 # <IfModule mod_rewrite.c> 283 # RewriteCond %{SERVER_PORT} !^443 284 # RewriteRule ^ https://example-domain-please-change-me.com%{REQUEST_URI} [R=301,L] 285 # </IfModule> 286 287 288 # ---------------------------------------------------------------------- 289 # Force client-side SSL redirection 290 # ---------------------------------------------------------------------- 291 292 # If a user types "example.com" in her browser, the above rule will redirect her 282 # RewriteCond %{SERVER_PORT} !^443 283 # RewriteRule ^ https://example-domain-please-change-me.com%{REQUEST_URI} [R=301,L] 284 # </IfModule> 285 286 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 287 288 # Force client-side SSL redirection. 289 290 # If a user types "example.com" in his browser, the above rule will redirect him 293 291 # to the secure version of the site. That still leaves a window of opportunity 294 292 # (the initial HTTP connection) for an attacker to downgrade or redirect the 295 # request. The following header ensures that browser will **only** connect to 296 # your server via HTTPS, regardless of what users type in the address bar. 297 298 # <IfModule mod_headers.c> 299 # Header set Strict-Transport-Security max-age=16070400; 300 # </IfModule> 301 302 303 # ---------------------------------------------------------------------- 304 # Prevent 404 errors for non-existing redirected folders 305 # ---------------------------------------------------------------------- 306 307 # without -MultiViews, Apache will give a 404 for a rewrite if a folder of the 308 # same name does not exist. 309 # webmasterworld.com/apache/3808792.htm 310 311 # Options -MultiViews 312 313 314 # ---------------------------------------------------------------------- 315 # UTF-8 encoding 316 # ---------------------------------------------------------------------- 317 318 # Use UTF-8 encoding for anything served text/plain or text/html 319 AddDefaultCharset utf-8 320 321 # Force UTF-8 for a number of file formats 322 AddCharset utf-8 .atom .css .js .json .rss .vtt .xml 323 324 325 # ---------------------------------------------------------------------- 326 # A little more security 327 # ---------------------------------------------------------------------- 328 329 # To avoid displaying the exact version number of Apache being used, add the 330 # following to httpd.conf (it will not work in .htaccess): 293 # request. The following header ensures that browser will ONLY connect to your 294 # server via HTTPS, regardless of what the users type in the address bar. 295 # http://www.html5rocks.com/en/tutorials/security/transport-layer-security/ 296 297 # <IfModule mod_headers.c> 298 # Header set Strict-Transport-Security max-age=16070400; 299 # </IfModule> 300 301 # ------------------------------------------------------------------------------ 302 # | Server software information | 303 # ------------------------------------------------------------------------------ 304 305 # Avoid displaying the exact Apache version number, the description of the 306 # generic OS-type and the information about Apache's compiled-in modules. 307 308 # ADD THIS DIRECTIVE IN THE `httpd.conf` AS IT WILL NOT WORK IN THE `.htaccess`! 309 331 310 # ServerTokens Prod 332 311 333 # "-Indexes" will have Apache block users from browsing folders without a 334 # default document Usually you should leave this activated, because you 335 # shouldn't allow everybody to surf through every folder on your server (which 336 # includes rather private places like CMS system folders). 337 <IfModule mod_autoindex.c> 338 Options -Indexes 339 </IfModule> 340 341 # Block access to "hidden" directories or files whose names begin with a 342 # period. This includes directories used by version control systems such as 343 # Subversion or Git. 344 <IfModule mod_rewrite.c> 345 RewriteCond %{SCRIPT_FILENAME} -d [OR] 346 RewriteCond %{SCRIPT_FILENAME} -f 347 RewriteRule "(^|/)\." - [F] 348 </IfModule> 349 350 # Block access to backup and source files. These files may be left by some 351 # text/html editors and pose a great security danger, when anyone can access 352 # them. 353 <FilesMatch "(\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|swp)|~)$"> 354 Order allow,deny 355 Deny from all 356 Satisfy All 357 </FilesMatch> 358 359 # If your server is not already configured as such, the following directive 360 # should be uncommented in order to set PHP's register_globals option to OFF. 361 # This closes a major security hole that is abused by most XSS (cross-site 362 # scripting) attacks. For more information: http://php.net/register_globals 363 # 364 # IF REGISTER_GLOBALS DIRECTIVE CAUSES 500 INTERNAL SERVER ERRORS: 365 # 366 # Your server does not allow PHP directives to be set via .htaccess. In that 367 # case you must make this change in your php.ini file instead. If you are 368 # using a commercial web host, contact the administrators for assistance in 369 # doing this. Not all servers allow local php.ini files, and they should 370 # include all PHP configurations (not just this one), or you will effectively 371 # reset everything to PHP defaults. Consult www.php.net for more detailed 372 # information about setting PHP directives. 373 374 # php_flag register_globals Off 375 376 # Rename session cookie to something else, than PHPSESSID 377 # php_value session.name sid 378 379 # Disable magic quotes (This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.) 380 # php_flag magic_quotes_gpc Off 381 382 # Do not show you are using PHP 383 # Note: Move this line to php.ini since it won't work in .htaccess 384 # php_flag expose_php Off 385 386 # Level of log detail - log all errors 387 # php_value error_reporting -1 388 389 # Write errors to log file 390 # php_flag log_errors On 391 392 # Do not display errors in browser (production - Off, development - On) 393 # php_flag display_errors Off 394 395 # Do not display startup errors (production - Off, development - On) 396 # php_flag display_startup_errors Off 397 398 # Format errors in plain text 399 # Note: Leave this setting 'On' for xdebug's var_dump() output 400 # php_flag html_errors Off 401 402 # Show multiple occurrence of error 403 # php_flag ignore_repeated_errors Off 404 405 # Show same errors from different sources 406 # php_flag ignore_repeated_source Off 407 408 # Size limit for error messages 409 # php_value log_errors_max_len 1024 410 411 # Don't precede error with string (doesn't accept empty string, use whitespace if you need) 412 # php_value error_prepend_string " " 413 414 # Don't prepend to error (doesn't accept empty string, use whitespace if you need) 415 # php_value error_append_string " " 416 417 # Increase cookie security 418 <IfModule mod_php5.c> 419 php_value session.cookie_httponly true 420 </IfModule> 312 313 # ############################################################################## 314 # # WEB PERFORMANCE # 315 # ############################################################################## 316 317 # ------------------------------------------------------------------------------ 318 # | Compression | 319 # ------------------------------------------------------------------------------ 320 321 <IfModule mod_deflate.c> 322 323 # Force compression for mangled headers. 324 # http://developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping 325 <IfModule mod_setenvif.c> 326 <IfModule mod_headers.c> 327 SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding 328 RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding 329 </IfModule> 330 </IfModule> 331 332 # Compress all output labeled with one of the following MIME-types 333 # (for Apache versions below 2.3.7, you don't need to enable `mod_filter` 334 # and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines 335 # as `AddOutputFilterByType` is still in the core directives). 336 <IfModule mod_filter.c> 337 AddOutputFilterByType DEFLATE application/atom+xml \ 338 application/javascript \ 339 application/json \ 340 application/rss+xml \ 341 application/vnd.ms-fontobject \ 342 application/x-font-ttf \ 343 application/x-web-app-manifest+json \ 344 application/xhtml+xml \ 345 application/xml \ 346 font/opentype \ 347 image/svg+xml \ 348 image/x-icon \ 349 text/css \ 350 text/html \ 351 text/plain \ 352 text/x-component \ 353 text/xml 354 </IfModule> 355 356 </IfModule> 357 358 # ------------------------------------------------------------------------------ 359 # | Content transformations | 360 # ------------------------------------------------------------------------------ 361 362 # Prevent some of the mobile network providers from modifying the content of 363 # your site: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.5. 364 365 # <IfModule mod_headers.c> 366 # Header set Cache-Control "no-transform" 367 # </IfModule> 368 369 # ------------------------------------------------------------------------------ 370 # | Filename-based cache busting | 371 # ------------------------------------------------------------------------------ 372 373 # If you're not using a build process to manage your filename version revving, 374 # you might want to consider enabling the following directives to route all 375 # requests such as `/css/style.12345.css` to `/css/style.css`. 376 377 # To understand why this is important and a better idea than `*.css?v231`, read: 378 # http://stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring 379 380 # <IfModule mod_rewrite.c> 381 # RewriteCond %{REQUEST_FILENAME} !-f 382 # RewriteCond %{REQUEST_FILENAME} !-d 383 # RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L] 384 # </IfModule> 385 386 # ------------------------------------------------------------------------------ 387 # | File concatenation | 388 # ------------------------------------------------------------------------------ 389 390 # Allow concatenation from within specific CSS and JS files, e.g.: 391 # Inside of `script.combined.js` you could have 392 # <!--#include file="libs/jquery.js" --> 393 # <!--#include file="plugins/jquery.idletimer.js" --> 394 # and they would be included into this single file. 395 396 # <IfModule mod_include.c> 397 # <FilesMatch "\.combined\.js$"> 398 # Options +Includes 399 # AddOutputFilterByType INCLUDES application/javascript application/json 400 # SetOutputFilter INCLUDES 401 # </FilesMatch> 402 # <FilesMatch "\.combined\.css$"> 403 # Options +Includes 404 # AddOutputFilterByType INCLUDES text/css 405 # SetOutputFilter INCLUDES 406 # </FilesMatch> 407 # </IfModule> 408 409 # ------------------------------------------------------------------------------ 410 # | Persistent connections | 411 # ------------------------------------------------------------------------------ 412 413 # Allow multiple requests to be sent over the same TCP connection: 414 # http://httpd.apache.org/docs/current/en/mod/core.html#keepalive. 415 416 # Enable if you serve a lot of static content but, be aware of the 417 # possible disadvantages! 418 419 # <IfModule mod_headers.c> 420 # Header set Connection Keep-Alive 421 # </IfModule> -
roots-plug/trunk/readme.txt
r680238 r708057 5 5 Requires at least: 3.5 6 6 Tested up to: 3.5 7 Stable tag: 1. 1.07 Stable tag: 1.2.0 8 8 License: GPLv2 9 9 … … 30 30 31 31 == Changelog == 32 33 = 1.2.0 34 * Updated `.htaccess` file from [Roots repo](https://github.com/retlehs/wp-h5bp-htaccess) 35 * Updated [relative URL cleanup](https://github.com/retlehs/roots/commit/a8c543753ae4f2e9b39a9ece4f023d54f95c6588) 32 36 33 37 = 1.1.0 = -
roots-plug/trunk/roots-plug.php
r680238 r708057 4 4 Plugin URI: http://zslabs.com 5 5 Description: Base plugin 6 Version: 1. 1.06 Version: 1.2.0 7 7 Author: Zach Schnackel 8 8 Author URI: http://zslabs.com … … 73 73 * @var string 74 74 */ 75 public $version = '1. 0.1';75 public $version = '1.2.0'; 76 76 77 77 /**
Note: See TracChangeset
for help on using the changeset viewer.