Remove .htaccess creation code

1. We're maintaining the same code twice which leads inevitably to problems as this one. The createHtaccess routine is only used to use the correct paths to the 404 and 403 document.
2. Updating the ownCloud instance as described in our documentation (`Delete everything from your ownCloud installation directory, except data and config.`) will break the links to the ErrorDocuments anyways and show the default error handlers if ownCloud is not installed in the root directory.

4 files changed, 15 insertions, 49 deletions

diff --git a/.htaccess b/.htaccess
index 4ba5095e144..e1ded52dcd9 100755..100644
--- a/.htaccess
+++ b/.htaccess
@@ -6,8 +6,6 @@ RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
 </IfModule>
 </IfModule>
 </IfModule>
-ErrorDocument 403 /core/templates/403.php
-ErrorDocument 404 /core/templates/404.php
 <IfModule mod_php5.c>
 php_value upload_max_filesize 513M
 php_value post_max_size 513M
diff --git a/lib/private/setup.php b/lib/private/setup.php
index 3906204bda3..25e536543f4 100644
--- a/lib/private/setup.php
+++ b/lib/private/setup.php
@@ -106,9 +106,10 @@ class OC_Setup {
 			//guess what this does
 			OC_Installer::installShippedApps();
 
-			//create htaccess files for apache hosts
+			// Update htaccess files for apache hosts
 			if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
-				self::createHtaccess();
+				self::updateHtaccess();
+				self::protectDataDirectory();
 			}
 
 			//and we are done
@@ -119,52 +120,13 @@ class OC_Setup {
 	}
 
 	/**
-	 * create .htaccess files for apache hosts
+	 * Append the correct ErrorDocument path for Apache hosts
 	 */
-	private static function createHtaccess() {
-		$content = "<IfModule mod_fcgid.c>\n";
-		$content.= "<IfModule mod_setenvif.c>\n";
-		$content.= "<IfModule mod_headers.c>\n";
-		$content.= "SetEnvIfNoCase ^Authorization$ \"(.+)\" XAUTHORIZATION=$1\n";
-		$content.= "RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION\n";
-		$content.= "</IfModule>\n";
-		$content.= "</IfModule>\n";
-		$content.= "</IfModule>\n";
+	public static function updateHtaccess() {
+		$content.= "\n";
 		$content.= "ErrorDocument 403 ".OC::$WEBROOT."/core/templates/403.php\n";//custom 403 error page
-		$content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php\n";//custom 404 error page
-		$content.= "<IfModule mod_php5.c>\n";
-		$content.= "php_value upload_max_filesize 512M\n";//upload limit
-		$content.= "php_value post_max_size 512M\n";
-		$content.= "php_value memory_limit 512M\n";
-		$content.= "php_value mbstring.func_overload 0\n";
-		$content.= "<IfModule env_module>\n";
-		$content.= "  SetEnv htaccessWorking true\n";
-		$content.= "</IfModule>\n";
-		$content.= "</IfModule>\n";
-		$content.= "<IfModule mod_rewrite.c>\n";
-		$content.= "RewriteEngine on\n";
-		$content.= "RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]\n";
-		$content.= "RewriteRule ^.well-known/host-meta /public.php?service=host-meta [QSA,L]\n";
-		$content.= "RewriteRule ^.well-known/carddav /remote.php/carddav/ [R]\n";
-		$content.= "RewriteRule ^.well-known/caldav /remote.php/caldav/ [R]\n";
-		$content.= "RewriteRule ^apps/([^/]*)/(.*\.(css|php))$ index.php?app=$1&getfile=$2 [QSA,L]\n";
-		$content.= "RewriteRule ^remote/(.*) remote.php [QSA,L]\n";
-		$content.= "</IfModule>\n";
-		$content.= "<IfModule mod_mime.c>\n";
-		$content.= "AddType image/svg+xml svg svgz\n";
-		$content.= "AddEncoding gzip svgz\n";
-		$content.= "</IfModule>\n";
-		$content.= "<IfModule dir_module>\n";
-		$content.= "DirectoryIndex index.php index.html\n";
-		$content.= "</IfModule>\n";
-		$content.= "AddDefaultCharset utf-8\n";
-		$content.= "Options -Indexes\n";
-		$content.= "<IfModule pagespeed_module>\n";
-		$content.= "ModPagespeed Off\n";
-		$content.= "</IfModule>\n";
-		@file_put_contents(OC::$SERVERROOT.'/.htaccess', $content); //supress errors in case we don't have permissions for it
-
-		self::protectDataDirectory();
+		$content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php";//custom 404 error page
+		@file_put_contents(OC::$SERVERROOT.'/.htaccess', $content, FILE_APPEND); //supress errors in case we don't have permissions for it
 	}
 
 	public static function protectDataDirectory() {
diff --git a/lib/private/updater.php b/lib/private/updater.php
index f05d5038b76..67764771fd0 100644
--- a/lib/private/updater.php
+++ b/lib/private/updater.php
@@ -92,6 +92,7 @@ class Updater extends BasicEmitter {
 
 	/**
 	 * runs the update actions in maintenance mode, does not upgrade the source files
+	 * except the main .htaccess file
 	 */
 	public function upgrade() {
 		\OC_DB::enableCaching(false);
@@ -103,6 +104,11 @@ class Updater extends BasicEmitter {
 		}
 		$this->emit('\OC\Updater', 'maintenanceStart');
 
+		// Update htaccess files for apache hosts
+		if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
+			\OC_Setup::updateHtaccess();
+		}
+
 		/*
 		 * START CONFIG CHANGES FOR OLDER VERSIONS
 		 */
diff --git a/version.php b/version.php
index 470aa895072..5e5fa22cf8b 100644
--- a/version.php
+++ b/version.php
@@ -1,7 +1,7 @@
 <?php
 
 // We only can count up. The 4. digit is only for the internal patchlevel to trigger DB upgrades between betas, final and RCs. This is _not_ the public version number. Reset minor/patchlevel when updating major/minor version number.
-$OC_Version=array(6, 90, 0, 1);
+$OC_Version=array(6, 90, 0, 2);
 
 // The human readable string
 $OC_VersionString='7.0 pre alpha';