Commit Graph

47 Commits

Author SHA1 Message Date
colymba
aa07a0edd8 BUGFIX #34 Only block root vendor folder
Use RewriteRule instead to take in account any subfolder via RewriteBase. Deny ss-cache and composer via RewriteRule too.

Move to RewriteRules
2014-02-18 22:37:49 +13:00
Simon Welsh
4fd75527dc Block access to .yaml files as well as .yml 2013-07-01 12:59:31 +12:00
Hamish Friedlander
becc5baa34 API Block all yaml files by default, to reduce the change of information leakage 2013-02-17 22:16:11 +01:00
Ingo Schommer
494bfc7863 Merge remote-tracking branch 'origin/2.4' into 3.0
Conflicts:
	build.xml
	composer.json
	install.php
	phpunit.xml.dist
2013-02-15 19:19:23 +01:00
Ingo Schommer
23523175f3 API Filter composer files in IIS and Apache rules (fixes #8011)
They can expose version information, so shouldn't be accessible
through the web. The better solution of course is to move
to a public/ subfolder application structure.
2013-02-15 19:13:41 +01:00
Sean Harvey
d74da7ba29 Fixing .htaccess to ignore rewriting PHP files directly 2012-12-04 14:34:54 +13:00
Sam Minnee
7898f89fb3 Reverted junk-commits from "Removed .mergesources.yml, not used since the dark SVN days"
This partially reverts commit 744605d21a.
2012-11-09 10:00:11 +13:00
Ingo Schommer
744605d21a Removed .mergesources.yml, not used since the dark SVN days 2012-11-08 14:03:39 +01:00
Simon Welsh
1a532faa60 API-CHANGE sapphire folder can now be renamed. 2012-04-14 12:53:12 +12:00
Hamish Friedlander
d5723f7b0e BUGFIX: If sapphire hasn't been installed as subdirectory, give error message rather than erroring out with a 500 or a php error 2011-10-29 15:53:41 +13:00
Ingo Schommer
e4031aa344 MINOR Using QSA RewriteRule flag in .htaccess instead of manually appending (fixes #6593, thanks smares) 2011-04-14 21:07:17 +12:00
sharvey
fba76de203 ENHANCEMENT Installer now has a fallback for mod_rewrite detection by setting an environment variable in .htaccess when "<IfModule mod_rewrite.c>" directive is satisfied
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@112973 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:56 +13:00
sharvey
a870ea1aa3 #5870 Block web requests to silverstripe-cache directory via htaccess RedirectMatch rule or web.config hiddenSegments functionality if using IIS 7.x
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@110241 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:54 +13:00
sharvey
f5245c7b0f ENHANCEMENT ErrorDocument in default .htaccess so Apache serves default 404 and 500 server error pages
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@108663 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:54 +13:00
phalkunz
e8db5c30c1 MINOR: revert -r102275
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@102276 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:52 +13:00
phalkunz
a04df99154 MINOR: remove unnecessary expression
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@102275 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:52 +13:00
sharvey
958d75869f MINOR Reverted r101354 and r101356 (see #3826)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@101404 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:52 +13:00
sharvey
934fbf9a88 MINOR Added comment to empty .htaccess file
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@101356 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:51 +13:00
sharvey
008267b299 BUGFIX #3826 Removed initial .htaccess contents to make installation of SS easier - the installer doesn't need any rewriting available initially
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@101354 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:51 +13:00
sharvey
ba357293b8 MINOR Reverted r98980
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@98997 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:48 +13:00
trix
a4cf4672b4 MINOR fix typo
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@98980 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:48 +13:00
sharvey
b27645b7ac MINOR Partially reverted r98887 re-adding the web.config permissions in .htaccess
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@98889 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:47 +13:00
sharvey
2a47151ef5 MINOR Tabbing out of <Files> directive contents in .htaccess
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@98888 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:47 +13:00
sharvey
fefd00cf1e BUGFIX If mod_rewrite isn't enabled on Apache, a 500 server error won't be generated which prevents the installer from opening and telling you there's no rewrite support
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@98887 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:47 +13:00
ischommer
17764cf273 ENHANCEMENT Removed extension specific RewriteCond from .htaccess, install.php and rewritetest.php to allow for broader range of dynamically handled extensions (e.g. generating GIF files through SilverStripe controllers). See #2958
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@97791 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:46 +13:00
sharvey
52891a4ecf ENHANCEMENT Easier installation for IIS based configurations by providing the web.config file out of the box, an inaccessible file on Apache based web servers
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@93255 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:45 +13:00
ischommer
0074be8942 Removed DirectorySlash update from installer's default htaccess as it breaks some installation targets (from r67085) (from r92231)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@92272 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:44 +13:00
ischommer
9288a062e8 MINOR Reverted accidental commit from r92260
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@92261 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:43 +13:00
ischommer
1d6f9318b7 MINOR Mergeinfo
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@92260 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:43 +13:00
sharvey
945a28f33a MINOR Merged r112269 through r113912 from phpinstaller/branches/2.4
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@113914 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-11-18 05:08:12 +00:00
sminnee
5a20fbed64 #5870 Block web requests to silverstripe-cache directory via htaccess RedirectMatch rule or web.config hiddenSegments functionality if using IIS 7.x (from r110241)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@112417 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 01:19:01 +00:00
sminnee
991ec354b1 ENHANCEMENT ErrorDocument in default .htaccess so Apache serves default 404 and 500 server error pages (from r108663)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@112415 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 01:18:46 +00:00
sminnee
044b0f0f80 BUGFIX If mod_rewrite isn't enabled on Apache, a 500 server error won't be generated which prevents the installer from opening and telling you there's no rewrite support (from r98887)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@112108 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 02:53:34 +00:00
sminnee
dd015ff76a ENHANCEMENT Removed extension specific RewriteCond from .htaccess, install.php and rewritetest.php to allow for broader range of dynamically handled extensions (e.g. generating GIF files through SilverStripe controllers). See #2958 (from r97791)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@112091 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 02:32:36 +00:00
sminnee
eebff68f46 ENHANCEMENT Easier installation for IIS based configurations by providing the web.config file out of the box, an inaccessible file on Apache based web servers (from r93255)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@112086 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 02:22:49 +00:00
ischommer
a0cedd3fb5 MINOR Partially reverted r92439, accidental commit to .htaccess
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@92877 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 10:36:20 +00:00
ischommer
844acb217d MINOR: Updating mergeinfo to ignore mergebacks
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@92439 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 00:42:47 +00:00
ischommer
5bb0d9b138 Removed DirectorySlash update from installer's default htaccess as it breaks some installation targets (from r67085)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@92231 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-19 19:34:02 +00:00
ischommer
823613bf92 BUGFIX Removed stop-condition for *.php in default .htaccess file to allow non-existent .php files to be handled by SilverStripe. For example, this is handy when dynamically redirecting "legacy URLs" like "index.php?id=42" to new pages through database lookups rather than static rewrites
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@81847 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-07-14 23:57:21 +00:00
ischommer
e5dd525948 BUGFIX Excluding .json extension from RewriteCond in .htaccess to allow RestfulServer to work with JSON formats (more precise regex)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@78429 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-06-04 21:53:08 +00:00
ischommer
3b6104ff56 BUGFIX Excluding .json extension from RewriteCond in .htaccess to allow RestfulServer to work with JSON formats
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@78428 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-06-04 21:44:12 +00:00
sminnee
abad46e6cb Merged branches/2.3 into trunk
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@66396 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-22 03:36:31 +00:00
sminnee
78fa0fc32a Reverted r65395
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@65396 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-06 21:01:04 +00:00
sminnee
dc2779fe8f Removed redundant code
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@65395 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-06 21:00:14 +00:00
sharvey
17e2329c61 Reverted htaccess change
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@65331 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-05 23:13:44 +00:00
phalkunz
3953b0f6ca IMPROVEMENT Fix tab display and button position when adding a record (ticket #3029)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@65328 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-11-05 23:10:24 +00:00
aoneil
4e0fdcb5cf Changed permission checks to check for the right things (merged from 2.0.2 branch, r37922)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@40479 467b73ca-7a2a-4603-9d3b-597d59a354a9
2007-08-20 00:28:42 +00:00