[TASK] Allow access to visible content within /.well-known/ directory 27/45927/2
authorCedric Ziel <cedric@cedric-ziel.com>
Thu, 14 Jan 2016 18:18:24 +0000 (19:18 +0100)
committerBenni Mack <benni@typo3.org>
Fri, 15 Jan 2016 10:33:29 +0000 (11:33 +0100)
Allow access to the visible content from within the `/.well-known/`
hidden directory. The access to all other hidden files and directories
(starting with a dot) is still blocked.

The /.well-known/ directory represents the standard (RFC 5785) path
prefix for "well-known locations", and therefore, access to its visible
content should not be blocked.

Resolves: #72712
Releases: master,7.6,6.2
Change-Id: I533d38a12da5cae59abed4fc00d597814d28fa04
Reviewed-on: https://review.typo3.org/45927
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
_.htaccess

index 577b834..d77fd91 100644 (file)
@@ -281,7 +281,9 @@ AddDefaultCharset utf-8
        RewriteRule typo3temp/logs/ - [F]
        RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext|typo3/vendor)/[^/]+/(?:Configuration|Resources/Private|Tests?)/ - [F]
 
-       # Access block for files or folders starting with a dot
+       # Block access to all hidden files and directories with the exception of
+       # the visible content from within the `/.well-known/` hidden directory (RFC 5785).
+       RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC]
        RewriteCond %{SCRIPT_FILENAME} -d [OR]
        RewriteCond %{SCRIPT_FILENAME} -f
        RewriteRule (?:^|/)\. - [F]