Update the web app manifest file related configs

The specification for the manifest file for web applications was
recently updated¹ and it changed one of the recommended file extensions
from `.manifest` to the unique `.webmanifest`².

  "`.manifest` was the recommended file extension for the
   Application Cache manifest file, and then, it was changed³
   to `.appcache` in order to "avoid clashing with Microsoft's
   unregistered `application/manifest` type".

   So, taking into consideration also the legacy aspects,
   recommending `.manifest` as the file extension creates even
   more "clashing", and this can complicate things when it comes
   to server configs (e.g.: especially as in some of the cases,
   things like the media type matter).

   ...

   It's not only about "sending the recommended mime type".
   Some servers (e.g.: Apache) rely on the media type for
   different settings (e.g: ExpiresByType), and not having
   a unique file extension sometimes makes the mapping to
   a media type not so straightforward. "

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

¹ w3c/manifest@0eecadd
² w3c/manifest#346
³ https://html5.org/r/5812

CHANGELOG.md

@@ -1,3 +1,7 @@
+### HEAD
+
+* Update the web app manifest file related configs.
+
 ### 2.13.0 (March 4, 2015)
 
 * Remove the mapping of `.manifest` files to the `text/cache-manifest` media type

dist/.htaccess

@@ -130,7 +130,7 @@ Options -MultiViews
     # the `X-UA-Compatible` response header should be send only for
     # HTML documents and not for the other resources.
 
-    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|woff2?|xloc|xml|xpi)$">
+    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
         Header unset X-UA-Compatible
     </FilesMatch>
 
@@ -185,37 +185,7 @@ Options -MultiViews
 
   # Manifest files
 
-    # If you are providing a web application manifest file (see
-    # the specification: https://w3c.github.io/manifest/), it is
-    # recommended that you serve it with the `application/manifest+json`
-    # media type.
-    #
-    # Because the web application manifest file doesn't have its
-    # own unique file extension, you can set its media type either
-    # by matching:
-    #
-    # 1) the exact location of the file (this can be done using a
-    #    directive such as `<Location>`, but it will NOT work in
-    #    the `.htaccess` file, so you will have to do it in the main
-    #    server configuration file or inside of a `<VirtualHost>`
-    #    container)
-    #
-    #    e.g.:
-    #
-    #       <Location "/.well-known/manifest.json">
-    #           AddType application/manifest+json               json
-    #       </Location>
-    #
-    # 2) the filename (this can be problematic as you will need to
-    #    ensure that you don't have any other file with the same name
-    #    as the one you gave to your web application manifest file)
-    #
-    #    e.g.:
-    #
-    #       <Files "manifest.json">
-    #           AddType application/manifest+json               json
-    #       </Files>
-
+    AddType application/manifest+json                   webmanifest
     AddType application/x-web-app-manifest+json         webapp
     AddType text/cache-manifest                         appcache
 
@@ -297,11 +267,13 @@ AddDefaultCharset utf-8
                      .js \
                      .json \
                      .jsonld \
+                     .manifest \
                      .rdf \
                      .rss \
                      .topojson \
                      .vtt \
                      .webapp \
+                     .webmanifest \
                      .xloc \
                      .xml
 </IfModule>
@@ -475,7 +447,7 @@ AddDefaultCharset utf-8
 #     # the `X-Frame-Options` response header should be send only for
 #     # HTML documents and not for the other resources.
 
-#     <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|woff2?|xloc|xml|xpi)$">
+#     <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
 #         Header unset X-Frame-Options
 #     </FilesMatch>
 
@@ -510,7 +482,7 @@ AddDefaultCharset utf-8
 #     # the `Content-Security-Policy` response header should be send
 #     # only for HTML documents and not for the other resources.
 
-#     <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|woff2?|xloc|xml|xpi)$">
+#     <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
 #         Header unset Content-Security-Policy
 #     </FilesMatch>
 
@@ -678,7 +650,7 @@ AddDefaultCharset utf-8
 #     # the `X-XSS-Protection` response header should be send only for
 #     # HTML documents and not for the other resources.
 
-#     <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|woff2?|xloc|xml|xpi)$">
+#     <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
 #         Header unset X-XSS-Protection
 #     </FilesMatch>
 
@@ -878,9 +850,12 @@ FileETag None
     ExpiresDefault                                      "access plus 1 month"
 
   # CSS
+
     ExpiresByType text/css                              "access plus 1 year"
 
+
   # Data interchange
+
     ExpiresByType application/atom+xml                  "access plus 1 hour"
     ExpiresByType application/rdf+xml                   "access plus 1 hour"
     ExpiresByType application/rss+xml                   "access plus 1 hour"
@@ -892,25 +867,33 @@ FileETag None
     ExpiresByType application/xml                       "access plus 0 seconds"
     ExpiresByType text/xml                              "access plus 0 seconds"
 
+
   # Favicon (cannot be renamed!) and cursor images
+
     ExpiresByType image/vnd.microsoft.icon              "access plus 1 week"
     ExpiresByType image/x-icon                          "access plus 1 week"
 
   # HTML
+
     ExpiresByType text/html                             "access plus 0 seconds"
 
+
   # JavaScript
+
     ExpiresByType application/javascript                "access plus 1 year"
     ExpiresByType application/x-javascript              "access plus 1 year"
     ExpiresByType text/javascript                       "access plus 1 year"
 
+
   # Manifest files
-    ExpiresByType application/manifest+json             "access plus 1 year"
 
+    ExpiresByType application/manifest+json             "access plus 1 week"
     ExpiresByType application/x-web-app-manifest+json   "access plus 0 seconds"
     ExpiresByType text/cache-manifest                   "access plus 0 seconds"
 
+
   # Media files
+
     ExpiresByType audio/ogg                             "access plus 1 month"
     ExpiresByType image/bmp                             "access plus 1 month"
     ExpiresByType image/gif                             "access plus 1 month"
@@ -922,6 +905,7 @@ FileETag None
     ExpiresByType video/ogg                             "access plus 1 month"
     ExpiresByType video/webm                            "access plus 1 month"
 
+
   # Web fonts
 
     # Embedded OpenType (EOT)
@@ -942,7 +926,9 @@ FileETag None
     # Web Open Font Format (WOFF) 2.0
     ExpiresByType application/font-woff2                "access plus 1 month"
 
+
   # Other
+
     ExpiresByType text/x-cross-domain-policy            "access plus 1 week"
 
 </IfModule>
@@ -994,5 +980,5 @@ FileETag None
 # <IfModule mod_rewrite.c>
 #     RewriteEngine On
 #     RewriteCond %{REQUEST_FILENAME} !-f
-#     RewriteRule ^(.+)\.(\d+)\.(bmp|css|cur|gif|ico|jpe?g|js|png|svgz?|webp)$ $1.$3 [L]
+#     RewriteRule ^(.+)\.(\d+)\.(bmp|css|cur|gif|ico|jpe?g|js|png|svgz?|webp|webmanifest)$ $1.$3 [L]
 # </IfModule>

src/internet_explorer/x-ua-compatible.conf

@@ -23,7 +23,7 @@
     # the `X-UA-Compatible` response header should be send only for
     # HTML documents and not for the other resources.
 
-    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|woff2?|xloc|xml|xpi)$">
+    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
         Header unset X-UA-Compatible
     </FilesMatch>
 

src/media_types/character_encodings.conf

@@ -24,11 +24,13 @@ AddDefaultCharset utf-8
                      .js \
                      .json \
                      .jsonld \
+                     .manifest \
                      .rdf \
                      .rss \
                      .topojson \
                      .vtt \
                      .webapp \
+                     .webmanifest \
                      .xloc \
                      .xml
 </IfModule>

src/media_types/media_types.conf

@@ -29,37 +29,7 @@
 
   # Manifest files
 
-    # If you are providing a web application manifest file (see
-    # the specification: https://w3c.github.io/manifest/), it is
-    # recommended that you serve it with the `application/manifest+json`
-    # media type.
-    #
-    # Because the web application manifest file doesn't have its
-    # own unique file extension, you can set its media type either
-    # by matching:
-    #
-    # 1) the exact location of the file (this can be done using a
-    #    directive such as `<Location>`, but it will NOT work in
-    #    the `.htaccess` file, so you will have to do it in the main
-    #    server configuration file or inside of a `<VirtualHost>`
-    #    container)
-    #
-    #    e.g.:
-    #
-    #       <Location "/.well-known/manifest.json">
-    #           AddType application/manifest+json               json
-    #       </Location>
-    #
-    # 2) the filename (this can be problematic as you will need to
-    #    ensure that you don't have any other file with the same name
-    #    as the one you gave to your web application manifest file)
-    #
-    #    e.g.:
-    #
-    #       <Files "manifest.json">
-    #           AddType application/manifest+json               json
-    #       </Files>
-
+    AddType application/manifest+json                   webmanifest
     AddType application/x-web-app-manifest+json         webapp
     AddType text/cache-manifest                         appcache
 

src/security/content-security-policy.conf

@@ -27,7 +27,7 @@
     # the `Content-Security-Policy` response header should be send
     # only for HTML documents and not for the other resources.
 
-    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|woff2?|xloc|xml|xpi)$">
+    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
         Header unset Content-Security-Policy
     </FilesMatch>
 

src/security/x-frame-option.conf

@@ -40,7 +40,7 @@
     # the `X-Frame-Options` response header should be send only for
     # HTML documents and not for the other resources.
 
-    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|woff2?|xloc|xml|xpi)$">
+    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
         Header unset X-Frame-Options
     </FilesMatch>
 

src/security/x-xss-protection.conf

@@ -43,7 +43,7 @@
     # the `X-XSS-Protection` response header should be send only for
     # HTML documents and not for the other resources.
 
-    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|woff2?|xloc|xml|xpi)$">
+    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
         Header unset X-XSS-Protection
     </FilesMatch>
 

src/web_performance/expires_headers.conf

@@ -16,9 +16,12 @@
     ExpiresDefault                                      "access plus 1 month"
 
   # CSS
+
     ExpiresByType text/css                              "access plus 1 year"
 
+
   # Data interchange
+
     ExpiresByType application/atom+xml                  "access plus 1 hour"
     ExpiresByType application/rdf+xml                   "access plus 1 hour"
     ExpiresByType application/rss+xml                   "access plus 1 hour"
@@ -30,25 +33,33 @@
     ExpiresByType application/xml                       "access plus 0 seconds"
     ExpiresByType text/xml                              "access plus 0 seconds"
 
+
   # Favicon (cannot be renamed!) and cursor images
+
     ExpiresByType image/vnd.microsoft.icon              "access plus 1 week"
     ExpiresByType image/x-icon                          "access plus 1 week"
 
   # HTML
+
     ExpiresByType text/html                             "access plus 0 seconds"
 
+
   # JavaScript
+
     ExpiresByType application/javascript                "access plus 1 year"
     ExpiresByType application/x-javascript              "access plus 1 year"
     ExpiresByType text/javascript                       "access plus 1 year"
 
+
   # Manifest files
-    ExpiresByType application/manifest+json             "access plus 1 year"
 
+    ExpiresByType application/manifest+json             "access plus 1 week"
     ExpiresByType application/x-web-app-manifest+json   "access plus 0 seconds"
     ExpiresByType text/cache-manifest                   "access plus 0 seconds"
 
+
   # Media files
+
     ExpiresByType audio/ogg                             "access plus 1 month"
     ExpiresByType image/bmp                             "access plus 1 month"
     ExpiresByType image/gif                             "access plus 1 month"
@@ -60,6 +71,7 @@
     ExpiresByType video/ogg                             "access plus 1 month"
     ExpiresByType video/webm                            "access plus 1 month"
 
+
   # Web fonts
 
     # Embedded OpenType (EOT)
@@ -80,7 +92,9 @@
     # Web Open Font Format (WOFF) 2.0
     ExpiresByType application/font-woff2                "access plus 1 month"
 
+
   # Other
+
     ExpiresByType text/x-cross-domain-policy            "access plus 1 week"
 
 </IfModule>

src/web_performance/filename-based_cache_busting.conf

@@ -13,5 +13,5 @@
 <IfModule mod_rewrite.c>
     RewriteEngine On
     RewriteCond %{REQUEST_FILENAME} !-f
-    RewriteRule ^(.+)\.(\d+)\.(bmp|css|cur|gif|ico|jpe?g|js|png|svgz?|webp)$ $1.$3 [L]
+    RewriteRule ^(.+)\.(\d+)\.(bmp|css|cur|gif|ico|jpe?g|js|png|svgz?|webp|webmanifest)$ $1.$3 [L]
 </IfModule>