MINOR Merged r112269 through r113912 from phpinstaller/branches/2.4

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@113914 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
sharvey 2010-11-18 05:08:12 +00:00
parent 91d00c52b8
commit 945a28f33a
4 changed files with 142 additions and 7 deletions

View File

@ -18,7 +18,9 @@ ErrorDocument 500 /assets/error-500.html
</IfModule> </IfModule>
<IfModule mod_rewrite.c> <IfModule mod_rewrite.c>
SetEnv HTTP_MOD_REWRITE On
RewriteEngine On RewriteEngine On
RewriteCond %{REQUEST_URI} ^(.*)$ RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L] RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]

View File

@ -1,2 +1,34 @@
RemoveHandler .php .phtml .php3 .php4 .php5 .inc #
RemoveType .php .phtml .php3 .php4 .php5 .inc # Whitelist appropriate assets files.
# Note that you will need to maintain this whitelist yourself if you modify File::$allowed_extensions
#
# If you are not using Apache then you can ignore this file.
# If you are using IIS then you should look at assets/web.config instead.
#
# To add an extension to the list, you need to put another string of the form "ext|" on the
# FilesMatch line, inside the parentheses.
#
# For example, to add *.exe files to list of downloadable assets, change this line:
#
# <FilesMatch "\.(html|htm|xhtml...
#
# To this:
#
# <FilesMatch "\.(exe|html|htm|xhtml...
#
# Once you do this, visitors will be able to download *.exe files that are uploaded to the assets
# directory.
#
Deny from all
<FilesMatch "\.(html|htm|xhtml|js|css|bmp|png|gif|jpg|jpeg|ico|pcx|tif|tiff|au|mid|midi|mpa|mp3|ogg|m4a|ra|wma|wav|cda|avi|mpg|mpeg|asf|wmv|m4v|mov|mkv|mp4|swf|flv|ram|rm|doc|docx|txt|rtf|xls|xlsx|pages|ppt|pptx|pps|csv|cab|arj|tar|zip|zipx|sit|sitx|gz|tgz|bz2|ace|arc|pkg|dmg|hqx|jar|xml|pdf)$">
Allow from all
</FilesMatch>
# We disable PHP via several methods
# Replace the handler with the default plaintext handler
AddHandler default-handler php phtml php3 php4 php5 inc
<IfModule mod_php5.c>
# Turn the PHP engine off
php_flag engine off
</IfModule>

97
assets/web.config Normal file
View File

@ -0,0 +1,97 @@
<!--
Configuration to whitelist appropriate asset files, for IIS.
Note that you will need to maintain this whitelist yourself if you modify File::$allowed_extensions
If you are not using IIS then you can ignore this file.
If you are using Apache then you should look at assets/.htaccess instead.
To add an extension to to the list, you will need to add another <add> entry inside the <fileExtensions>
tag.
For example, to add *.exe files to the list of downloadable assets, add this line below the
<fileExtensions line>:
<add fileExtension=".exe" allowed="true" />
Once you do this, visitors will be able to download *.exe files that are uploaded to the assets
directory.
-->
<configuration>
<system.webServer>
<security>
<requestFiltering>
<fileExtensions allowUnlisted="false" applyToWebDAV="true">
<add fileExtension=".html" allowed="true" />
<add fileExtension=".htm" allowed="true" />
<add fileExtension=".xhtml" allowed="true" />
<add fileExtension=".js" allowed="true" />
<add fileExtension=".css" allowed="true" />
<add fileExtension=".bmp" allowed="true" />
<add fileExtension=".png" allowed="true" />
<add fileExtension=".gif" allowed="true" />
<add fileExtension=".jpg" allowed="true" />
<add fileExtension=".jpeg" allowed="true" />
<add fileExtension=".ico" allowed="true" />
<add fileExtension=".pcx" allowed="true" />
<add fileExtension=".tif" allowed="true" />
<add fileExtension=".tiff" allowed="true" />
<add fileExtension=".au" allowed="true" />
<add fileExtension=".mid" allowed="true" />
<add fileExtension=".midi" allowed="true" />
<add fileExtension=".mpa" allowed="true" />
<add fileExtension=".mp3" allowed="true" />
<add fileExtension=".ogg" allowed="true" />
<add fileExtension=".m4a" allowed="true" />
<add fileExtension=".ra" allowed="true" />
<add fileExtension=".wma" allowed="true" />
<add fileExtension=".wav" allowed="true" />
<add fileExtension=".cda" allowed="true" />
<add fileExtension=".avi" allowed="true" />
<add fileExtension=".mpg" allowed="true" />
<add fileExtension=".mpeg" allowed="true" />
<add fileExtension=".asf" allowed="true" />
<add fileExtension=".wmv" allowed="true" />
<add fileExtension=".m4v" allowed="true" />
<add fileExtension=".mov" allowed="true" />
<add fileExtension=".mkv" allowed="true" />
<add fileExtension=".mp4" allowed="true" />
<add fileExtension=".swf" allowed="true" />
<add fileExtension=".flv" allowed="true" />
<add fileExtension=".ram" allowed="true" />
<add fileExtension=".rm" allowed="true" />
<add fileExtension=".doc" allowed="true" />
<add fileExtension=".docx" allowed="true" />
<add fileExtension=".txt" allowed="true" />
<add fileExtension=".rtf" allowed="true" />
<add fileExtension=".xls" allowed="true" />
<add fileExtension=".xlsx" allowed="true" />
<add fileExtension=".pages" allowed="true" />
<add fileExtension=".ppt" allowed="true" />
<add fileExtension=".pptx" allowed="true" />
<add fileExtension=".pps" allowed="true" />
<add fileExtension=".csv" allowed="true" />
<add fileExtension=".cab" allowed="true" />
<add fileExtension=".arj" allowed="true" />
<add fileExtension=".tar" allowed="true" />
<add fileExtension=".zip" allowed="true" />
<add fileExtension=".zipx" allowed="true" />
<add fileExtension=".sit" allowed="true" />
<add fileExtension=".sitx" allowed="true" />
<add fileExtension=".gz" allowed="true" />
<add fileExtension=".tgz" allowed="true" />
<add fileExtension=".bz2" allowed="true" />
<add fileExtension=".ace" allowed="true" />
<add fileExtension=".arc" allowed="true" />
<add fileExtension=".pkg" allowed="true" />
<add fileExtension=".dmg" allowed="true" />
<add fileExtension=".hqx" allowed="true" />
<add fileExtension=".jar" allowed="true" />
<add fileExtension=".xml" allowed="true" />
<add fileExtension=".pdf" allowed="true" />
</fileExtensions>
</requestFiltering>
</security>
</system.webServer>
</configuration>

View File

@ -659,6 +659,8 @@ class InstallRequirements {
function testApacheRewriteExists($moduleName = 'mod_rewrite') { function testApacheRewriteExists($moduleName = 'mod_rewrite') {
if(function_exists('apache_get_modules') && in_array($moduleName, apache_get_modules())) { if(function_exists('apache_get_modules') && in_array($moduleName, apache_get_modules())) {
return true; return true;
} elseif(isset($_SERVER['HTTP_MOD_REWRITE']) && $_SERVER['HTTP_MOD_REWRITE'] == 'On') {
return true;
} else { } else {
return false; return false;
} }
@ -1225,16 +1227,18 @@ TEXT;
}, 2000); }, 2000);
} else { } else {
$('#ModRewriteResult').html("Friendly URLs are not working. This is most likely because a rewrite module isn't configured " $('#ModRewriteResult').html("Friendly URLs are not working. This is most likely because a rewrite module isn't configured "
+ "correctly on your site. Please check the following things in your Apache configuration; " + "correctly on your site. You may need to get your web host or server administrator to do this for you: "
+ " you may need to get your web host or server administrator to do this for you:" + "<ul>"
+ "<ul><li>mod_rewrite is enabled</li><li>AllowOverride All is set for your directory</li></ul>"); + "<li><strong>mod_rewrite</strong> or other rewrite module is enabled on your web server</li>"
+ "<li><strong>AllowOverride All</strong> is set for the directory where SilverStripe is installed</li>"
+ "</ul>");
} }
} }
}); });
} }
</script> </script>
<noscript> <noscript>
<li><a href="home/successfullyinstalled?flush=1">Click here to check friendly URLs are working. If you get a 404 then something is wrong.</li> <li><a href="home/successfullyinstalled?flush=1">Click here</a> to check friendly URLs are working. If you get a 404 then something is wrong.</li>
</noscript> </noscript>
HTML; HTML;
} }