Commit Graph

30 Commits

Author SHA1 Message Date
Robbie Averill
be96858e85 [SS-2018-014] Remove jar, dotm, potm, xltm from file extension whitelist, hard-code CSS and JS for TinyMCE support 2018-05-14 17:20:03 +12:00
Damian Mooyman
f9c03fa623 [ss-2018-012] Prevent php code execution in assets folder 2018-05-14 17:18:12 +12:00
Ingo Schommer
bce724ca76 Use index.php for serving content
Removes main.php reliance. Paves the way for
serving SilverStripe from a public/ subfolder in the base path.
This requires an index.php file in the webroot,
since you can't set a RewriteRule to a path outside of the webroot
(e.g. "public/.htaccess" pointing to "../vendor/silverstripe/framework/main.php").
2017-10-05 08:09:45 +01:00
Damian Mooyman
8ab058a3fd
Update unit test paths and asset .htaccess 2017-10-03 15:09:02 +13:00
Damian Mooyman
bf76193e13
Remove redundant dummy file in assets 2017-06-06 11:45:15 +12:00
Damian Mooyman
4301fa850d BUG Fix incorrect backslash escaping in htaccess template (#140) 2016-09-22 18:01:44 +12:00
Damian Mooyman
8366d22a19 API Replace old assets/.htaccess with better default 2016-02-26 14:05:55 +13:00
Daniel Hensby
0f0e4e85a5 Merge branch '3.2' into 3 2015-11-10 10:55:06 +00:00
Daniel Hensby
b73a8cc724 Reorganise .gitignore file 2015-11-10 10:30:15 +00:00
Nick Spiel
6346004398 Allowing SVGs in the assets directory
This should be combined with a PR I have started on silverstripe-framework https://github.com/silverstripe/silverstripe-framework/pull/4669
2015-10-08 17:35:42 +11:00
JorisDebonnet
3bc40bd2bf .htaccess: support for MS Office template / macro files
Fixes silverstripe-framework's issue 3692 (..no idea how to link that!).
2014-12-04 21:57:08 +01:00
Daniel Hensby
69761d0949 DOCS assets/.htaccess
Updating the docs to reflect the actual rules
2014-08-17 15:38:39 +01:00
Gordon Anderson
72e8ae0b87 Addition of geographical file formats (gpx,kml) 2013-11-12 11:39:12 +07:00
Gordon Anderson
68b8b08b2c Addition of geographic files (gpx, kml) 2013-11-12 11:37:26 +07:00
Ingo Schommer
304cb25808 Merge remote-tracking branch 'origin/3.0' into 3.1 2013-10-19 12:02:28 +02:00
Ingo Schommer
69889ec786 Updated SS logo sample file 2013-08-07 20:36:28 +02:00
Elvinas
7403a844e0 HTML5 video file types. 2013-05-27 21:32:04 +03:00
Nightjar
04be573187 case insensitive the assets/ allowed extensions for Apache 2013-05-25 19:43:13 +12:00
sharvey
54e8eefef2 BUGFIX #6321 Whitelisted file extensions with uppercase extensions blocked by case sensitive FilesMatch directive in assets/.htaccess (does not affect IIS 7.x which uses web.config)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@115816 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:57 +13:00
sminnee
a0f92459eb BUGFIX #6197 simon_w: Fixed Internal Server Error when accessing assets on Apache without mod_php.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@113809 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:56 +13:00
sminnee
b0caa5c680 BUGFIX: Enhance the protection of the assets/ directory in both IIS and Apache by including a file type whitelist.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@112963 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:55 +13:00
ischommer
ef138cb1d9 MINOR Fixed comma where it should've been a dot (from r83449) (from r92249)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@92288 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:44 +13:00
ischommer
a5f4ac0550 BUGFIX #4171 hamish: Fixed assets/.htaccess for CGI environments. (from r79222) (from r92247)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@92286 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:44 +13:00
ischommer
ea2eb97c62 Disable PHP in the assets directory, regardless of virtual-host config (from r74816) (from r92246)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@92285 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:44 +13:00
sharvey
d8ee7bde57 BUGFIX #6321 Whitelisted file extensions with uppercase extensions blocked by case sensitive FilesMatch directive in assets/.htaccess (does not affect IIS 7.x which uses web.config) (from r115816)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@115819 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-01-26 03:14:26 +00:00
sharvey
945a28f33a MINOR Merged r112269 through r113912 from phpinstaller/branches/2.4
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@113914 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-11-18 05:08:12 +00:00
ischommer
6765f0ac06 MINOR Fixed comma where it should've been a dot (from r83449)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@92249 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-19 19:46:05 +00:00
ischommer
9eebe737e2 BUGFIX #4171 hamish: Fixed assets/.htaccess for CGI environments. (from r79222)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@92247 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-19 19:42:55 +00:00
ischommer
5959603955 Disable PHP in the assets directory, regardless of virtual-host config (from r74816)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@92246 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-19 19:42:02 +00:00
aoneil
c76f20ef98 Added logo to default install
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@42470 467b73ca-7a2a-4603-9d3b-597d59a354a9
2007-09-24 00:25:22 +00:00