Websites/bugs.webkit.org/.htaccess - WebKit - Git at Google

 # don't allow people to retrieve non-cgi executable files or our private data
 <FilesMatch ^(.*\.pm|.*\.pl|.*localconfig.*)$>
   deny from all
 </FilesMatch>
 <FilesMatch ^(localconfig.js|localconfig.rdf)$>
   allow from all
 </FilesMatch>

 # Force all connections to HTTPS for 90 days at a time.
 Header set Strict-Transport-Security "max-age=7776000"
	# don't allow people to retrieve non-cgi executable files or our private data
	<FilesMatch ^(.\.pm\|.\.pl\|.localconfig.)$>
	deny from all
	</FilesMatch>
	<FilesMatch ^(localconfig.js\|localconfig.rdf)$>
	allow from all
	</FilesMatch>

	# Force all connections to HTTPS for 90 days at a time.
	Header set Strict-Transport-Security "max-age=7776000"