1 files changed, 15 insertions, 2 deletions

diff --git a/files/etc/nginx/sites-available/webmap b/files/etc/nginx/sites-available/webmap
index d473e54..e43af57 100644
--- a/files/etc/nginx/sites-available/webmap
+++ b/files/etc/nginx/sites-available/webmap
@@ -65,8 +65,10 @@ server {
 
     location ^~ /assets/ {
         expires 7d;
-        brotli_static on;
         try_files $uri =404;
+        location ~ "\.(?:css|js|svg)$" {
+            brotli_static on;
+        }
     }
     location ^~ /tiles/ {
         expires 30m;
@@ -75,6 +77,15 @@ server {
         # service an empty payload to save bandwidth
         error_page 404 /_.txt;
     }
+    location ^~ /raster/ {
+        expires 30m;
+        try_files $uri =404;
+        # service an empty payload to save bandwidth
+        error_page 404 /_.txt;
+        location ~ "\.json$" {
+            brotli_static on;
+        }
+    }
     location = /q {
         expires epoch;
         limit_except POST { deny all; }
@@ -107,8 +118,10 @@ server {
         add_header X-Content-Type-Options "nosniff";
         add_header X-XSS-Protection "1; mode=block";
         add_header Strict-Transport-Security "max-age=31557600; includeSubDomains" always;
-        add_header Content-Security-Policy "default-src 'none'; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self' data: https://minkarta.lantmateriet.se/map/; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'none'; base-uri 'self'";
+        add_header Content-Security-Policy "default-src 'none'; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self' data: https://minkarta.lantmateriet.se/map/; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'none'; worker-src blob:; base-uri 'self'";
 
+        expires 1h;
+        brotli_static on;
         try_files $uri $uri/ =404;
     }
 }