aalfiann · March 14, 2018 11:52
diff --git a/multiple-acao-htaccess.txt b/multiple-acao-htaccess.txt
 <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule . index.php [L]
 	SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
 </IfModule>

 <IfModule mod_headers.c>
 	# Example multiple Access Control Allow Origin (ACAO)
  #SetEnvIf Origin "http(s)?://(www\.)?(google.com|staging.google.com|development.google.com|proxy1.omovv.com|server.omovv.com)$" AccessControlAllowOrigin=$0
  #Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin

 	# Unset Server Signature header
 	ServerSignature Off

 	# Unset Server Technology header
 	Header unset X-Powered-By

 	# Set XSS Protection header
 	Header set X-XSS-Protection "1; mode=block"

 	# Set content-sniffing protection
 	Header set X-Content-Type-Options nosniff
 </IfModule>
	<IfModule mod_rewrite.c>
	RewriteEngine on
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteRule . index.php [L]
	SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
	</IfModule>

	<IfModule mod_headers.c>
	# Example multiple Access Control Allow Origin (ACAO)
	#SetEnvIf Origin "http(s)?://(www\.)?(google.com\|staging.google.com\|development.google.com\|proxy1.omovv.com\|server.omovv.com)$" AccessControlAllowOrigin=$0
	#Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin

	# Unset Server Signature header
	ServerSignature Off

	# Unset Server Technology header
	Header unset X-Powered-By

	# Set XSS Protection header
	Header set X-XSS-Protection "1; mode=block"

	# Set content-sniffing protection
	Header set X-Content-Type-Options nosniff
	</IfModule>