-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add rewrite base to generated .htaccess rules #40697
Conversation
If htaccess.RewriteBase is set we need to prepend it to the generated rules.
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes. |
💥 Acceptance tests pipeline apiProxySmoke-8-4-mariadb10.2-php7.4 failed. The build has been cancelled. |
💥 Acceptance tests pipeline apiShareManagementBasicToShares-mariadb10.2-php7.4 failed. The build has been cancelled. |
💥 Acceptance tests pipeline apiShareManagementToRoot-mariadb10.2-php7.4 failed. The build has been cancelled. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A literal unescaped $rewriteBase can destroy the regexp.
We need to apply proper regexp escaping, this is a security relevant.
We could do this in a addtional PR by sanitizing $rewriteBase with preg_quote. But IMO offtopic for this PR. A path shouldn't contain any Regex characters and is coming from the trusted config anyways, no? |
No, I don't think so. This path is perfectly legal, imho. Pfft. On another thought, we don't quote strings in .htaccess, that means it breaks apart, when RewriteBase contains whitespace... |
Hmhh this rewrite rule seems to break tests which run on apache:
|
$content .= "\n RewriteCond %{REQUEST_URI} !^$rewriteBaseRe/updater/"; | ||
$content .= "\n RewriteCond %{REQUEST_URI} !^$rewriteBaseRe/ocs-provider/"; | ||
$content .= "\n RewriteCond %{REQUEST_URI} !^$rewriteBaseRe/ocm-provider/"; | ||
$content .= "\n RewriteCond %{REQUEST_URI} !^$rewriteBaseRe/\\.well-known/(acme-challenge|pki-validation)/.*"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
.well-known usually lives at the root.
But I don't think it hurts to also enable it also at the ownCloud subfolder level.
Our .htaccess does not limit .well-known at the root, when it is in a subfolder. Afaik, that is the way how .htaccess works.
…ewriteBase. I am adding a trim, to get rid of double slashes. That should make the CI pass.
Kudos, SonarCloud Quality Gate passed! |
Description
If htaccess.RewriteBase is set we need to prepend it in the generated rules.
Related Issue
Motivation and Context
The hardened .htaccess fix caused a regression for installations which have owncloud in a subfolder.
How Has This Been Tested?
Types of changes
Checklist: