extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-21 23:43:17 +01:00
Code Issues Packages Projects Releases Wiki Activity

disallow access to vendor directory of apps

Browse Source
This commit is contained in:
Ralf Becker 2020-06-05 11:46:50 +02:00
parent a6a27b8bcf
commit 7079b30316
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/docker/nginx.conf
View File

@ -42,7 +42,7 @@ server {
try_files $uri $uri/ =404;
location ~ ^/egroupware(/(?U).+\.php) {
# do not allow to call files ment to be included only
location ~ ^$path/(vendor|[^/]+/(src|setup|inc))/ {
location ~ ^$path/(vendor|[^/]+/(src|setup|inc|vendor))/ {
return 404;
}
alias /usr/share/egroupware;

2
doc/rpm-build/nginx.conf
View File

@ -41,7 +41,7 @@ server {
try_files $uri $uri/ =404;
location ~ ^/egroupware(/(?U).+\.php) {
# do not allow to call files ment to be included only
location ~ ^/egroupware/(vendor|[^/]+/(src|setup|inc))/ {
location ~ ^/egroupware/(vendor|[^/]+/(src|setup|inc|vendor))/ {
return 404;
}
alias /usr/share/egroupware;