diff options
author | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-07-25 03:36:53 +0000 |
---|---|---|
committer | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-07-25 03:36:53 +0000 |
commit | c96d672810ae524aedf9ffff08dcca773cd9a876 (patch) | |
tree | 4d06c15920e5b1b60acdba2e4cea9c680ca5dc43 /doc/patchqueue/enable-htaccess-files.mdwn | |
parent | d63068b669f5b5450b01a3142c2efca448d3dfc3 (diff) |
massive patchqueue reorg
patches can now be anywhere and tagged patch to show up on the patch list.
Moved all the patchqueue stuff to todo items; some of it was merged into
existing todo items.
Diffstat (limited to 'doc/patchqueue/enable-htaccess-files.mdwn')
-rw-r--r-- | doc/patchqueue/enable-htaccess-files.mdwn | 28 |
1 files changed, 0 insertions, 28 deletions
diff --git a/doc/patchqueue/enable-htaccess-files.mdwn b/doc/patchqueue/enable-htaccess-files.mdwn deleted file mode 100644 index ed968b195..000000000 --- a/doc/patchqueue/enable-htaccess-files.mdwn +++ /dev/null @@ -1,28 +0,0 @@ - Index: IkiWiki.pm - =================================================================== - --- IkiWiki.pm (revision 2981) - +++ IkiWiki.pm (working copy) - @@ -26,7 +26,7 @@ - memoize("file_pruned"); - - sub defaultconfig () { #{{{ - - wiki_file_prune_regexps => [qr/\.\./, qr/^\./, qr/\/\./, - + wiki_file_prune_regexps => [qr/\.\./, qr/^\.(?!htaccess)/, qr/\/\.(?!htaccess)/, - qr/\.x?html?$/, qr/\.ikiwiki-new$/, - qr/(^|\/).svn\//, qr/.arch-ids\//, qr/{arch}\//], - wiki_link_regexp => qr/\[\[(?:([^\]\|]+)\|)?([^\s\]#]+)(?:#([^\s\]]+))?\]\]/, - - -This lets the site administrator have a `.htaccess` file in their underlay -directory, say, then get it copied over when the wiki is built. Without -this, installations that are located at the root of a domain don't get the -benefit of `.htaccess` such as improved directory listings, IP blocking, -URL rewriting, authorisation, etc. - -> I'm concerned about security ramifications of this patch. While ikiwiki -> won't allow editing such a .htaccess file in the web interface, it would -> be possible for a user who has svn commit access to the wiki to use it to -> add a .htaccess file that does $EVIL. -> -> Perhaps this should be something that is configurable via the setup file -> instead. --[[Joey]] |