[freeside-commits] branch FREESIDE_3_BRANCH updated. b74b684d4af6c4bbdfcafb2d99e737550962c9bc

Ivan ivan at 420.am
Fri Oct 23 16:22:48 PDT 2015 

The branch, FREESIDE_3_BRANCH has been updated
       via  b74b684d4af6c4bbdfcafb2d99e737550962c9bc (commit)
      from  2bc72d758fc28a4a8beb24d7a93d5502d0355ca6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b74b684d4af6c4bbdfcafb2d99e737550962c9bc
Author: Ivan Kohler <ivan at freeside.biz>
Date:   Fri Oct 23 16:22:45 2015 -0700

    deny remote access to elements/*html, RT#23357

diff --git a/htetc/freeside-base2.conf b/htetc/freeside-base2.conf
index 49b4a24..3eef50c 100644
--- a/htetc/freeside-base2.conf
+++ b/htetc/freeside-base2.conf
@@ -15,27 +15,38 @@ PerlRequire "%%%MASON_HANDLER%%%"
 AddDefaultCharset UTF-8
 
 <Directory %%%FREESIDE_DOCUMENT_ROOT%%%>
-AuthName Freeside
-AuthType Basic
-AuthUserFile %%%FREESIDE_CONF%%%/htpasswd
-require valid-user
-<Files ~ "(\.cgi|\.html)$">
-SetHandler perl-script
-PerlHandler HTML::Mason
-</Files>
+
+    AuthName Freeside
+    AuthType Basic
+    AuthUserFile %%%FREESIDE_CONF%%%/htpasswd
+    require valid-user
+
+    <Files ~ "(\.cgi|\.html)$">
+        SetHandler perl-script
+        PerlHandler HTML::Mason
+    </Files>
+
 </Directory>
+
+<Directory %%%FREESIDE_DOCUMENT_ROOT%%%/elements/>
+    <Files ~ "(\.html)$">
+        Deny from all
+        SetHandler None
+    </Files>
+</Directory>
+
 <Directory %%%FREESIDE_DOCUMENT_ROOT%%%/rt/Helpers/>
-SetHandler perl-script
-PerlHandler HTML::Mason
+    SetHandler perl-script
+    PerlHandler HTML::Mason
 </Directory>
 
 <Directory %%%FREESIDE_DOCUMENT_ROOT%%%/loginout>
-AuthName Freeside
-AuthType Basic
-AuthUserFile %%%FREESIDE_CONF%%%/htpasswd.logout
-require valid-user
-<Files ~ "(\.cgi|\.html)$">
-SetHandler default-handler
-</Files>
+    AuthName Freeside
+    AuthType Basic
+    AuthUserFile %%%FREESIDE_CONF%%%/htpasswd.logout
+    require valid-user
+    <Files ~ "(\.cgi|\.html)$">
+        SetHandler default-handler
+    </Files>
 </Directory>
 

-----------------------------------------------------------------------

Summary of changes:
 htetc/freeside-base2.conf |   45 ++++++++++++++++++++++++++++-----------------
 1 file changed, 28 insertions(+), 17 deletions(-)

More information about the freeside-commits mailing list