From c96d672810ae524aedf9ffff08dcca773cd9a876 Mon Sep 17 00:00:00 2001 From: joey Date: Wed, 25 Jul 2007 03:36:53 +0000 Subject: massive patchqueue reorg patches can now be anywhere and tagged patch to show up on the patch list. Moved all the patchqueue stuff to todo items; some of it was merged into existing todo items. --- doc/patchqueue/enable-htaccess-files.mdwn | 28 ---------------------------- 1 file changed, 28 deletions(-) delete mode 100644 doc/patchqueue/enable-htaccess-files.mdwn (limited to 'doc/patchqueue/enable-htaccess-files.mdwn') diff --git a/doc/patchqueue/enable-htaccess-files.mdwn b/doc/patchqueue/enable-htaccess-files.mdwn deleted file mode 100644 index ed968b195..000000000 --- a/doc/patchqueue/enable-htaccess-files.mdwn +++ /dev/null @@ -1,28 +0,0 @@ - Index: IkiWiki.pm - =================================================================== - --- IkiWiki.pm (revision 2981) - +++ IkiWiki.pm (working copy) - @@ -26,7 +26,7 @@ - memoize("file_pruned"); - - sub defaultconfig () { #{{{ - - wiki_file_prune_regexps => [qr/\.\./, qr/^\./, qr/\/\./, - + wiki_file_prune_regexps => [qr/\.\./, qr/^\.(?!htaccess)/, qr/\/\.(?!htaccess)/, - qr/\.x?html?$/, qr/\.ikiwiki-new$/, - qr/(^|\/).svn\//, qr/.arch-ids\//, qr/{arch}\//], - wiki_link_regexp => qr/\[\[(?:([^\]\|]+)\|)?([^\s\]#]+)(?:#([^\s\]]+))?\]\]/, - - -This lets the site administrator have a `.htaccess` file in their underlay -directory, say, then get it copied over when the wiki is built. Without -this, installations that are located at the root of a domain don't get the -benefit of `.htaccess` such as improved directory listings, IP blocking, -URL rewriting, authorisation, etc. - -> I'm concerned about security ramifications of this patch. While ikiwiki -> won't allow editing such a .htaccess file in the web interface, it would -> be possible for a user who has svn commit access to the wiki to use it to -> add a .htaccess file that does $EVIL. -> -> Perhaps this should be something that is configurable via the setup file -> instead. --[[Joey]] -- cgit v1.2.3