summaryrefslogtreecommitdiffstats
path: root/.htaccess
Commit message (Collapse)AuthorAgeFilesLines
* Remove legacy non-working rewrites in .htaccessRealRancor2015-10-151-2/+0
|
* Master is now 9.0.0 developmentJoas Schilling2015-10-141-1/+1
|
* Fix .htaccess: php_value should be integerRealRancor2015-09-291-1/+1
|
* properly indent .htaccessMorris Jobke2015-08-161-24/+24
|
* This will be 8.2 in the futureFrank Karlitschek2015-07-011-1/+1
|
* Merge pull request #15042 from wolfgangkarall/masterLukas Reschke2015-03-301-2/+2
|\ | | | | .htaccess RewriteRules: use permanent redirect for .well-known/(cal|card)dav, add 'L' flag
| * use permanent redirect for .well-known/(cal|card)dav, add 'L' flagWolfgang Karall2015-03-191-2/+2
| |
* | Add some generic default headers as well via PHPLukas Reschke2015-03-261-16/+21
|/
* Let users configure security headers in their WebserverLukas Reschke2015-03-021-0/+4
| | | | | | | | | | Doing this in the PHP code is not the right approach for multiple reasons: 1. A bug in the PHP code prevents them from being added to the response. 2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud) 3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations. This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
* Fix version revLukas Reschke2015-02-281-1/+1
|
* This is 8.0.1 nowFrank Karlitschek2015-02-281-1/+1
|
* Use "off" and "off" instead of true booleansLukas Reschke2015-02-231-1/+1
| | | | | | Apparently a boolean in php.ini is according to the documentation "on" or "off"… Fixes itself.
* Add expected values to default config as wellLukas Reschke2015-02-211-0/+1
|
* Setting default charset to UTF-8 in .htaccess and .user.iniFernando Rodriguez Sela2015-02-101-0/+1
|
* Reference module with `.c`Lukas Reschke2015-01-281-2/+2
| | | | Fixes https://github.com/owncloud/core/issues/13657
* Add check for `HTTP_RAW_POST_DATA` setting for >= 5.6Lukas Reschke2015-01-221-0/+1
| | | | | | PHP 5.6 otherwise throws notices for perfectly valid code which results in broken endpoints. Fixes https://github.com/owncloud/core/issues/13592
* Add version to .htaccessLukas Reschke2015-01-081-0/+1
| | | | | | | | | Currently if a user does not replace the .htaccess file with the new update this can lead to serious problems in case Apache is used as webserver. This commit adds the version to the .htaccess file and the update routine fails in case not the newest version is specified in there. This obviously means that every release has to update the version specified in .htaccess as well. But I see no better solution for it. Conflicts: lib/private/updater.php
* escape . in htaccess regex for CSS and JS HTTP headersMorris Jobke2015-01-051-1/+1
|
* blocked 3rdparty instead of l10nRobert Jäckel2014-11-271-1/+1
|
* restrict access to public files onlyRobert Jäckel2014-11-271-0/+2
| | | use mod_rewrite to pretend theese files are not existend for security purposes
* adding cache control headers for css and js - fixes #11496Thomas Müller2014-10-141-0/+5
|
* That file was accidentally commited. Partially revert ↵Lukas Reschke2014-06-161-3/+0
| | | | https://github.com/owncloud/core/commit/f2fc214ce0455ce9a9def36bd09285e82b5eabec
* Add deprecation notice to load* functionsLukas Reschke2014-06-161-0/+3
| | | | | | This functions are deprecated and/or removed since ownCloud 7. Additionally a issubdirectory check has been added here to prevent developers to use this function in a potentially insecure way. Port of https://github.com/owncloud/core/pull/9033
* Remove legacy routing codeLukas Reschke2014-06-051-1/+0
| | | | | | | | | | | | | | | | | | | The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application. This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app. Testplan: [x] Installation works [x] Login with DB works [x] Logout works [x] Login with alternate backend works (tested with user_webdavauth) [x] Other apps are accessible [x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled) [x] Personal settings are accessible [x] Admin settings are accessible [x] Sharing files works [x] DAV works [x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications
* Remove trailing tabFelix Eckhofer2014-04-281-1/+1
|
* Escape literal dots in mod_rewrite regexesFelix Eckhofer2014-04-281-6/+6
|
* Remove .htaccess creation codeLukas Reschke2014-02-281-2/+0
| | | | | 1. We're maintaining the same code twice which leads inevitably to problems as this one. The createHtaccess routine is only used to use the correct paths to the 404 and 403 document. 2. Updating the ownCloud instance as described in our documentation (`Delete everything from your ownCloud installation directory, except data and config.`) will break the links to the ErrorDocuments anyways and show the default error handlers if ownCloud is not installed in the root directory.
* remove css files from rewrite rule - there is no need to rewrite css any moreThomas Müller2014-01-231-1/+1
|
* turn off mod_pagespeedThomas Müller2014-01-081-0/+3
|
* disable mbstring.func_overloadThomas Tanghus2013-05-101-0/+1
|
* Try to prefer index.php over index.html in the same directoryDaniel Molkentin2013-04-241-0/+3
| | | | | Add JS redirect if that fails (HTTP-based redirects are disabled by default in more recent Firefox versions).
* remove php_valueMyles McNamara2013-03-071-1/+0
| | | php_value can only be used with mod_php, using it with FCGI will cause 500 Internal Server errors.  This needs to be set in php.ini manually or set using ini_set().
* Refix #1931Brice Maron2013-02-271-1/+1
|
* Merge pull request #1931 from owncloud/fastcgiThomas Müller2013-02-261-0/+1
|\ | | | | add cgi pathinfo when fcgi is enabled #1189
| * add cgi pathinfo when fcgi is enabled #1189Bernhard Posselt2013-02-261-0/+1
| |
* | added defaultcharset to utf-8 in htaccessBernhard Posselt2013-02-261-0/+1
|/
* add /.well-known/host-meta.json to .htaccessMichiel de Jong2012-11-101-0/+1
|
* Fix WebDAV (and Android Client) not being able to authorize on Debian ↵Stefan Seidel2012-11-091-0/+8
| | | | Squeeze + mod_fcgid installs.
* add svg mimetype to default htaccessRobin Appelman2012-10-281-0/+4
|
* update translationsRobin Appelman2012-06-061-2/+2
|
* add caldav and carddav files in their old place for backward compatibility - ↵Georg Ehrke2012-05-161-1/+3
| | | | add rewriterule for caldav and carddav
* move auth.css and remoteStorage-big.png to assets folders From where they ↵Michiel de Jong2012-05-141-1/+1
| | | | can be included
* remove redirects in htaccess to improve compatibility with desktop clientGeorg Ehrke2012-05-141-4/+0
|
* trying to fix /.well-known/host-metaMichiel de Jong2012-05-111-1/+2
|
* remove empty line in .htaccessGeorg Ehrke2012-05-101-3/+2
|
* update htaccess file and remove remote folderGeorg Ehrke2012-05-071-6/+6
|
* Working remote.php with webdav and caldavBart Visscher2012-05-061-0/+1
|
* Better regex for old apps rewrite ruleBart Visscher2012-05-031-1/+1
|
* Catch old app paths, change them to new formBart Visscher2012-05-021-2/+4
|
* create folder 'remote' for the remote services like caldav, carddav and webdavGeorg Ehrke2012-05-021-3/+7
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-27 04:23:24 +0000