Robert Jäckel
8c3bf139ff
restrict access to public files only
...
use mod_rewrite to pretend theese files are not existend for security purposes
2014-11-27 17:14:27 +01:00
Thomas Müller
4b5c7d3d9d
adding cache control headers for css and js - fixes #11496
2014-10-14 06:36:53 +02:00
Lukas Reschke
bd4f3849a3
That file was accidentally commited. Partially revert f2fc214ce0
2014-06-16 20:38:21 +02:00
Lukas Reschke
f2fc214ce0
Add deprecation notice to load* functions
...
This functions are deprecated and/or removed since ownCloud 7. Additionally a issubdirectory check has been added here to prevent developers to use this function in a potentially insecure way.
Port of https://github.com/owncloud/core/pull/9033
2014-06-16 20:33:04 +02:00
Lukas Reschke
ac7fb1b23e
Remove legacy routing code
...
The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application.
This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app.
Testplan:
[x] Installation works
[x] Login with DB works
[x] Logout works
[x] Login with alternate backend works (tested with user_webdavauth)
[x] Other apps are accessible
[x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled)
[x] Personal settings are accessible
[x] Admin settings are accessible
[x] Sharing files works
[x] DAV works
[x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications
2014-06-05 11:45:45 +02:00
Felix Eckhofer
61ca269292
Remove trailing tab
2014-04-28 09:06:26 +02:00
Felix Eckhofer
460d06c235
Escape literal dots in mod_rewrite regexes
2014-04-28 09:06:26 +02:00
Lukas Reschke
357fdb1a4d
Remove .htaccess creation code
...
1. We're maintaining the same code twice which leads inevitably to problems as this one. The createHtaccess routine is only used to use the correct paths to the 404 and 403 document.
2. Updating the ownCloud instance as described in our documentation (`Delete everything from your ownCloud installation directory, except data and config.`) will break the links to the ErrorDocuments anyways and show the default error handlers if ownCloud is not installed in the root directory.
2014-02-28 11:59:30 +01:00
Thomas Müller
269f24cf96
remove css files from rewrite rule - there is no need to rewrite css any more
2014-01-23 21:28:19 +01:00
Thomas Müller
5eef107344
turn off mod_pagespeed
2014-01-08 07:56:08 +01:00
Thomas Tanghus
78559c0863
disable mbstring.func_overload
2013-05-10 02:13:59 +03:00
Daniel Molkentin
a86fe7920b
Try to prefer index.php over index.html in the same directory
...
Add JS redirect if that fails (HTTP-based redirects are disabled by
default in more recent Firefox versions).
2013-04-24 15:11:53 +02:00
Myles McNamara
ef2e84026e
remove php_value
...
php_value can only be used with mod_php, using it with FCGI will cause 500 Internal Server errors. This needs to be set in php.ini manually or set using ini_set().
2013-03-07 23:30:56 -05:00
Brice Maron
6c26214955
Refix #1931
2013-02-27 17:51:28 +01:00
Thomas Müller
f3a8bf9260
Merge pull request #1931 from owncloud/fastcgi
...
add cgi pathinfo when fcgi is enabled #1189
2013-02-26 12:40:12 -08:00
Bernhard Posselt
26d5992161
add cgi pathinfo when fcgi is enabled #1189
2013-02-26 18:00:07 +01:00
Bernhard Posselt
023f19e929
added defaultcharset to utf-8 in htaccess
2013-02-26 17:38:59 +01:00
Michiel de Jong
e37dd7aa82
add /.well-known/host-meta.json to .htaccess
2012-11-10 20:00:28 -06:00
Stefan Seidel
8f669880bc
Fix WebDAV (and Android Client) not being able to authorize on Debian Squeeze + mod_fcgid installs.
2012-11-09 13:30:07 +01:00
Robin Appelman
6bc156ba69
add svg mimetype to default htaccess
2012-10-28 16:03:52 +01:00
Robin Appelman
f1b10fcc93
update translations
2012-06-06 00:29:44 +02:00
Georg Ehrke
9e83c3f823
add caldav and carddav files in their old place for backward compatibility - add rewriterule for caldav and carddav
2012-05-16 21:05:15 +02:00
Michiel de Jong
4c6d11e223
move auth.css and remoteStorage-big.png to assets folders From where they can be included
2012-05-14 17:05:35 +02:00
Georg Ehrke
3f86fd5193
remove redirects in htaccess to improve compatibility with desktop client
2012-05-14 15:42:16 +02:00
Michiel de Jong
02cee2c562
trying to fix /.well-known/host-meta
2012-05-11 10:47:42 +02:00
Georg Ehrke
a69c53caef
remove empty line in .htaccess
2012-05-10 18:14:59 +02:00
Georg Ehrke
9bdd00c0f2
update htaccess file and remove remote folder
2012-05-07 11:54:42 +02:00
Bart Visscher
f69f764e8b
Working remote.php with webdav and caldav
2012-05-06 00:12:51 +02:00
Bart Visscher
b62a8ba0f8
Better regex for old apps rewrite rule
2012-05-03 17:33:57 +02:00
Bart Visscher
ec98ecff05
Catch old app paths, change them to new form
2012-05-02 21:36:33 +02:00
Georg Ehrke
da03d05700
create folder 'remote' for the remote services like caldav, carddav and webdav
2012-05-02 16:41:23 +02:00
Bart Visscher
ea99e1184d
Add well-known redirects to htaccess
...
Fixes:
http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-232
http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-445
2012-04-15 17:11:03 +02:00
Georg Ehrke
ec40f69c9e
add error 403 site
2012-03-25 14:16:39 +02:00
Stefan Göckeritz
d9db6e73d8
bugfix for oc-236
2012-02-10 19:40:18 +01:00
Robin Appelman
4c8f17ad47
don't try to use mod_rewrite when it isn't enabled
...
having a broken web/card/caldav is much better as having no ownCloud at all :)
2012-01-03 04:55:57 +01:00
Bartek Przybylski
3c42867109
merged
2011-12-21 18:35:29 +01:00
Sean Leonard
70014c4fd0
Removed if !mod_php5.c around RewriteRule
...
Made things work on Dreamhost shared hosting
2011-11-04 17:16:01 -07:00
Bartek Przybylski
865be6064a
adjusting to new db "api", merge with master
2011-10-27 21:16:04 +02:00
Georg Ehrke
a01d10e57d
Merge branch 'master' into calendar
2011-10-13 21:59:16 +02:00
Robin Appelman
f1fd374a6f
webdav workaround for apache+php-cgi
2011-10-13 16:33:39 +02:00
Bartek Przybylski
c3d7ffc877
adding tmp icon for app, extending memory size for php in .htaccess
2011-10-02 17:52:11 +02:00
Bartek Przybylski
339d417420
removing add new album button, removing logs, and unused code
2011-10-01 22:36:01 +02:00
Tom Needham
1f74e76d83
Implemented ace-edtior as an app. Basic file editing and saving supported.
2011-09-28 15:15:04 +01:00
Robin Appelman
d851bdac90
fix .htaccess file crashing apache+php-cgi
2011-08-22 17:18:54 +02:00
Robin Appelman
3747ba928f
Set max upload size to something sane
...
we cant use a very high value since some apache configurations dont seem to handle it properly
2011-08-12 09:46:35 +02:00
Robin Appelman
0bcb4a6a8f
set default max upload size in the .htaccess file to something rediculous
...
and don't show the max filesize message when the limit is over 10GB
2011-08-11 21:00:18 +02:00
Kamil Domanski
2073d3b08e
fix 404
2011-06-23 23:47:46 +02:00
Kamil Domanski
5aa8f16bbf
forbid indexes
2011-06-23 23:14:09 +02:00
Robin Appelman
1eb0faa264
make fileactions extendable by plugins
2011-06-04 20:16:44 +02:00