diff --git a/.htaccess b/.htaccess old mode 100755 new mode 100644 index 4ba5095e14..e1ded52dcd --- a/.htaccess +++ b/.htaccess @@ -6,8 +6,6 @@ RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION -ErrorDocument 403 /core/templates/403.php -ErrorDocument 404 /core/templates/404.php php_value upload_max_filesize 513M php_value post_max_size 513M diff --git a/lib/private/setup.php b/lib/private/setup.php index b1061b3a25..4889f60333 100644 --- a/lib/private/setup.php +++ b/lib/private/setup.php @@ -110,9 +110,10 @@ class OC_Setup { // out that this is indeed an ownCloud data directory file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT.'/data').'/.ocdata', ''); - //create htaccess files for apache hosts + // Update htaccess files for apache hosts if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) { - self::createHtaccess(); + self::updateHtaccess(); + self::protectDataDirectory(); } //and we are done @@ -123,52 +124,13 @@ class OC_Setup { } /** - * create .htaccess files for apache hosts + * Append the correct ErrorDocument path for Apache hosts */ - private static function createHtaccess() { - $content = "\n"; - $content.= "\n"; - $content.= "\n"; - $content.= "SetEnvIfNoCase ^Authorization$ \"(.+)\" XAUTHORIZATION=$1\n"; - $content.= "RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION\n"; - $content.= "\n"; - $content.= "\n"; - $content.= "\n"; + public static function updateHtaccess() { + $content = "\n"; $content.= "ErrorDocument 403 ".OC::$WEBROOT."/core/templates/403.php\n";//custom 403 error page - $content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php\n";//custom 404 error page - $content.= "\n"; - $content.= "php_value upload_max_filesize 512M\n";//upload limit - $content.= "php_value post_max_size 512M\n"; - $content.= "php_value memory_limit 512M\n"; - $content.= "php_value mbstring.func_overload 0\n"; - $content.= "\n"; - $content.= " SetEnv htaccessWorking true\n"; - $content.= "\n"; - $content.= "\n"; - $content.= "\n"; - $content.= "RewriteEngine on\n"; - $content.= "RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]\n"; - $content.= "RewriteRule ^.well-known/host-meta /public.php?service=host-meta [QSA,L]\n"; - $content.= "RewriteRule ^.well-known/carddav /remote.php/carddav/ [R]\n"; - $content.= "RewriteRule ^.well-known/caldav /remote.php/caldav/ [R]\n"; - $content.= "RewriteRule ^apps/([^/]*)/(.*\.(php))$ index.php?app=$1&getfile=$2 [QSA,L]\n"; - $content.= "RewriteRule ^remote/(.*) remote.php [QSA,L]\n"; - $content.= "\n"; - $content.= "\n"; - $content.= "AddType image/svg+xml svg svgz\n"; - $content.= "AddEncoding gzip svgz\n"; - $content.= "\n"; - $content.= "\n"; - $content.= "DirectoryIndex index.php index.html\n"; - $content.= "\n"; - $content.= "AddDefaultCharset utf-8\n"; - $content.= "Options -Indexes\n"; - $content.= "\n"; - $content.= "ModPagespeed Off\n"; - $content.= "\n"; - @file_put_contents(OC::$SERVERROOT.'/.htaccess', $content); //supress errors in case we don't have permissions for it - - self::protectDataDirectory(); + $content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php";//custom 404 error page + @file_put_contents(OC::$SERVERROOT.'/.htaccess', $content, FILE_APPEND); //suppress errors in case we don't have permissions for it } public static function protectDataDirectory() { diff --git a/lib/private/updater.php b/lib/private/updater.php index 9f57aa0b6a..a59e3820de 100644 --- a/lib/private/updater.php +++ b/lib/private/updater.php @@ -91,6 +91,7 @@ class Updater extends BasicEmitter { /** * runs the update actions in maintenance mode, does not upgrade the source files + * except the main .htaccess file */ public function upgrade() { \OC_DB::enableCaching(false); @@ -102,6 +103,11 @@ class Updater extends BasicEmitter { } $this->emit('\OC\Updater', 'maintenanceStart'); + // Update htaccess files for apache hosts + if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) { + \OC_Setup::updateHtaccess(); + } + // create empty file in data dir, so we can later find // out that this is indeed an ownCloud data directory // (in case it didn't exist before)