InvoiceShelf/public/.htaccess

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]

    # Send Requests To Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>

# Enable Brotli compression with priority over gzip
<IfModule mod_brotli.c>
    AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript application/json application/xml application/rss+xml application/font-woff application/font-woff2
    # Force Brotli compression if available
    SetEnvIf Accept-Encoding br brotli
</IfModule>

# Enable gzip compression only if Brotli is unavailable
<IfModule mod_deflate.c>
    <IfModule !mod_brotli.c>
        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json application/xml application/rss+xml application/font-woff application/font-woff2
    </IfModule>
</IfModule>

# This configuration allows browsers to cache assets locally
<IfModule mod_headers.c>
   <FilesMatch "\.(js|css|jpg|jpeg|png|gif|ico|svg|woff2?|ttf|eot)$">
       <If "%{REQUEST_URI} =~ m#^/build/assets/#">
           Header set Cache-Control "public, max-age=31536000, immutable"
           Header set Pragma "public"
           Header unset ETag
           FileETag None
           Header unset Last-Modified
       </If>
   </FilesMatch>

   # Security headers
   Header set X-Frame-Options "SAMEORIGIN"
   Header set X-Content-Type-Options "nosniff"
   Header set X-XSS-Protection "1; mode=block"
    Header set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS
</IfModule>