diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..34ecfa8 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,26 @@ +# For more information about the properties used in +# this file, please see the EditorConfig documentation: +# http://editorconfig.org/ + +root = true + +[*] +charset = utf-8 +end_of_line = lf +indent_size = 4 +indent_style = tab +insert_final_newline = true +trim_trailing_whitespace = true + +[*.md] +trim_trailing_whitespace = false + +[*.yml] +indent_size = 2 +indent_style = space + +[{.travis.yml,package.json}] +# The indent size used in the `package.json` file cannot be changed +# https://github.com/npm/npm/pull/3180#issuecomment-16336516 +indent_size = 2 +indent_style = space diff --git a/.htaccess b/.htaccess index 683ba0b..9048377 100644 --- a/.htaccess +++ b/.htaccess @@ -1,38 +1,44 @@ ### SILVERSTRIPE START ### + +# Deny access to templates (but allow from localhost) Order deny,allow Deny from all Allow from 127.0.0.1 +# Deny access to IIS configuration Order deny,allow Deny from all -# This denies access to all yml files, since developers might include sensitive -# information in them. See the docs for work-arounds to serve some yaml files +# Deny access to YAML configuration files which might include sensitive information Order allow,deny Deny from all +# Route errors to static pages automatically generated by SilverStripe ErrorDocument 404 /assets/error-404.html ErrorDocument 500 /assets/error-500.html SetEnv HTTP_MOD_REWRITE On - RewriteEngine On + RewriteEngine On + # Deny access to potentially sensitive files and folders RewriteRule ^vendor(/|$) - [F,L,NC] RewriteRule silverstripe-cache(/|$) - [F,L,NC] RewriteRule composer\.(json|lock) - [F,L,NC] - + + # Process through SilverStripe if no file with the requested name exists. + # Pass through the original path as a query parameter, and retain the existing parameters. RewriteCond %{REQUEST_URI} ^(.*)$ RewriteCond %{REQUEST_FILENAME} !-f - RewriteCond %{REQUEST_URI} !\.php$ RewriteRule .* framework/main.php?url=%1 [QSA] - + + # If framework isn't in a subdirectory, rewrite to installer RewriteCond %{REQUEST_URI} ^(.*)/framework/main.php$ RewriteCond %{REQUEST_FILENAME} !-f RewriteRule . %1/install.php? [R,L] diff --git a/assets/.htaccess b/assets/.htaccess index 8f4e7c2..dd7381f 100644 --- a/assets/.htaccess +++ b/assets/.htaccess @@ -10,20 +10,19 @@ # # For example, to add *.exe files to list of downloadable assets, change this line: # -# + Allow from all diff --git a/install-frameworkmissing.html b/install-frameworkmissing.html index 6128a3e..6e8d794 100644 --- a/install-frameworkmissing.html +++ b/install-frameworkmissing.html @@ -20,7 +20,7 @@

If you downloaded a pre-packaged zip or tar.gz, something might have gone wrong with the packaging process. Please try re-downloading, or try an older version.

-

If you downloaded this from github, you need to install the framework module. You can do this manually, or by running the tools/new-project script from the command line.

+

If you downloaded this from GitHub, you need to install the framework module. You can do this manually, or by running the tools/new-project script from the command line.