Permalink
Browse files

API Block all yaml files by default, to reduce the change of informat…

…ion leakage
  • Loading branch information...
1 parent 98135df commit becc5baa344e4307027c1a01ec96f3c2d574b9ab Hamish Friedlander committed with chillu Dec 12, 2012
Showing with 7 additions and 0 deletions.
  1. +7 −0 .htaccess
View
7 .htaccess
@@ -10,6 +10,13 @@
Deny from all
</Files>
+# This denies access to all yml files, since developers might include sensitive
+# information in them. See the docs for work-arounds to serve some yaml files
+<Files *.yml>
+ Order allow,deny
+ Deny from all
+</Files>
+
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html

0 comments on commit becc5ba

Please sign in to comment.