<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="recommended" id="recommended">Sample Configurations</a></h2>
- <p>This is a simple sample configuration for the impatient.</p>
-
- <div class="example"><h3>Compress only a few types</h3><p><code>
- AddOutputFilterByType DEFLATE text/html text/plain text/xml
- </code></p></div>
-
- <p>The following configuration, while resulting in more compressed content,
- is also much more complicated. Do not use this unless you fully understand
- all the configuration details.</p>
-
- <div class="example"><h3>Compress everything except images</h3><p><code>
- <Location /><br />
- <span class="indent">
- # Insert filter<br />
- SetOutputFilter DEFLATE<br />
- <br />
- # Netscape 4.x has some problems...<br />
- BrowserMatch ^Mozilla/4 gzip-only-text/html<br />
- <br />
- # Netscape 4.06-4.08 have some more problems<br />
- BrowserMatch ^Mozilla/4\.0[678] no-gzip<br />
- <br />
- # MSIE masquerades as Netscape, but it is fine<br />
- BrowserMatch \bMSIE !no-gzip !gzip-only-text/html<br />
- # Don't compress images<br />
- SetEnvIfNoCase Request_URI \<br />
- <span class="indent">
- \.(?:gif|jpe?g|png)$ no-gzip dont-vary<br />
- </span>
- <br />
- # Make sure proxies don't deliver the wrong content<br />
- Header append Vary User-Agent env=!dont-vary<br />
- </span>
- </Location>
- </code></p></div>
+ <div class="warning"><h3>Compression and TLS</h3>
+ <p>Some web applications are vulnerable to an information disclosure
+ attack when a TLS connection carries deflate compressed data. For more
+ information, review the details of the "BREACH" family of attacks.</p>
+ </div>
+ <p>This is a simple configuration that compresses common text-based content types.</p>
+
+ <div class="example"><h3>Compress only a few types</h3><pre class="prettyprint lang-config">AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript</pre>
+</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<seealso><a href="../filter.html">Filters</a></seealso>
<section id="recommended"><title>Sample Configurations</title>
- <p>This is a simple sample configuration for the impatient.</p>
+ <note type="warning"><title>Compression and TLS</title>
+ <p>Some web applications are vulnerable to an information disclosure
+ attack when a TLS connection carries deflate compressed data. For more
+ information, review the details of the "BREACH" family of attacks.</p>
+ </note>
+ <p>This is a simple configuration that compresses common text-based content types.</p>
<example><title>Compress only a few types</title>
- AddOutputFilterByType DEFLATE text/html text/plain text/xml
- </example>
-
- <p>The following configuration, while resulting in more compressed content,
- is also much more complicated. Do not use this unless you fully understand
- all the configuration details.</p>
-
- <example><title>Compress everything except images</title>
- <Location /><br />
- <indent>
- # Insert filter<br />
- SetOutputFilter DEFLATE<br />
- <br />
- # Netscape 4.x has some problems...<br />
- BrowserMatch ^Mozilla/4 gzip-only-text/html<br />
- <br />
- # Netscape 4.06-4.08 have some more problems<br />
- BrowserMatch ^Mozilla/4\.0[678] no-gzip<br />
- <br />
- # MSIE masquerades as Netscape, but it is fine<br />
- BrowserMatch \bMSIE !no-gzip !gzip-only-text/html<br />
- # Don't compress images<br />
- SetEnvIfNoCase Request_URI \<br />
- <indent>
- \.(?:gif|jpe?g|png)$ no-gzip dont-vary<br />
- </indent>
- <br />
- # Make sure proxies don't deliver the wrong content<br />
- Header append Vary User-Agent env=!dont-vary<br />
- </indent>
- </Location>
+ <highlight language="config">
+ AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
+ </highlight>
</example>
</section>
projects / thirdparty / apache / httpd.git / commitdiff
