Valider f9c20700 rédigé par mattab's avatar mattab

Do not add Options -Indexes to .htaccess

fixes #11040
parent 5582caec
...@@ -13,11 +13,12 @@ use Piwik\Plugins\Installation\ServerFilesGenerator; ...@@ -13,11 +13,12 @@ use Piwik\Plugins\Installation\ServerFilesGenerator;
use Piwik\Updater; use Piwik\Updater;
use Piwik\Updates as PiwikUpdates; use Piwik\Updates as PiwikUpdates;
class Updates_3_0_1 extends PiwikUpdates class Updates_3_0_1_b1 extends PiwikUpdates
{ {
public function doUpdate(Updater $updater) public function doUpdate(Updater $updater)
{ {
// Allow IIS to serve .woff files (https://github.com/piwik/piwik/pull/11091). // Allow IIS to serve .woff files (https://github.com/piwik/piwik/pull/11091).
// Re-generate .htaccess without 'Options -Indexes' because it does not always work on some servers
ServerFilesGenerator::createFilesForSecurity(); ServerFilesGenerator::createFilesForSecurity();
} }
} }
...@@ -33,13 +33,10 @@ class ServerFilesGenerator ...@@ -33,13 +33,10 @@ class ServerFilesGenerator
$denyAll = self::getDenyAllHtaccessContent(); $denyAll = self::getDenyAllHtaccessContent();
$allow = self::getAllowHtaccessContent(); $allow = self::getAllowHtaccessContent();
// more selective allow/deny filters
$noDirectoryListing = "Options -Indexes\n";
$allowAny = $allowAny =
"# Allow any file in this directory\n" . "# Allow any file in this directory\n" .
"<Files \"*\">\n" . "<Files \"*\">\n" .
$allow . "\n" . "\t" . $allow . "\n" .
"</Files>\n"; "</Files>\n";
$allowStaticAssets = $allowStaticAssets =
...@@ -55,11 +52,11 @@ class ServerFilesGenerator ...@@ -55,11 +52,11 @@ class ServerFilesGenerator
"</Files>\n"; "</Files>\n";
$directoriesToProtect = array( $directoriesToProtect = array(
'/js' => $allowAny . $noDirectoryListing, '/js' => $allowAny,
'/libs' => $denyAll . $allowStaticAssets . $noDirectoryListing, '/libs' => $denyAll . $allowStaticAssets,
'/vendor' => $denyAll . $allowStaticAssets . $noDirectoryListing, '/vendor' => $denyAll . $allowStaticAssets,
'/plugins' => $denyAll . $allowStaticAssets . $noDirectoryListing, '/plugins' => $denyAll . $allowStaticAssets,
'/misc/user' => $denyAll . $allowStaticAssets . $noDirectoryListing, '/misc/user' => $denyAll . $allowStaticAssets,
); );
foreach ($directoriesToProtect as $directoryToProtect => $content) { foreach ($directoriesToProtect as $directoryToProtect => $content) {
self::createHtAccess(PIWIK_INCLUDE_PATH . $directoryToProtect, $overwrite = true, $content); self::createHtAccess(PIWIK_INCLUDE_PATH . $directoryToProtect, $overwrite = true, $content);
...@@ -67,10 +64,10 @@ class ServerFilesGenerator ...@@ -67,10 +64,10 @@ class ServerFilesGenerator
// deny access to these folders // deny access to these folders
$directoriesToProtect = array( $directoriesToProtect = array(
'/config' => $denyAll . $noDirectoryListing, '/config' => $denyAll,
'/core' => $denyAll . $noDirectoryListing, '/core' => $denyAll,
'/lang' => $denyAll . $noDirectoryListing, '/lang' => $denyAll,
'/tmp' => $denyAll . $noDirectoryListing, '/tmp' => $denyAll,
); );
foreach ($directoriesToProtect as $directoryToProtect => $content) { foreach ($directoriesToProtect as $directoryToProtect => $content) {
self::createHtAccess(PIWIK_INCLUDE_PATH . $directoryToProtect, $overwrite = true, $content); self::createHtAccess(PIWIK_INCLUDE_PATH . $directoryToProtect, $overwrite = true, $content);
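Review bot: With `$noDirectoryListing` dropped from every entry, `/js` is left with only `$allowAny`, so nothing in its generated .htaccess stops a directory index from being served when the web server has automatic indexes enabled; whether the `$denyAll` directories are still covered depends on what `getDenyAllHtaccessContent()` emits, which is not visible here. Because both loops call `createHtAccess(...)` with `$overwrite = true`, upgraded installs lose the directive silently when the update runs. I would record the trade-off at the first `$directoriesToProtect` array, e.g. `// 'Options -Indexes' is intentionally not written (does not work on all servers, see #11040); disable directory listing in the server or vhost configuration instead.`, and consider surfacing the same advice to admins in the installation or system check. The enclosing method begins and ends outside the hunks shown.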
......