Bug 319241: Bugzilla.pm is freely accessible from the web - Patch by Frédéric…

Bug 319241: Bugzilla.pm is freely accessible from the web - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=myk

Bug 319241: Bugzilla.pm is freely accessible from the web - Patch by Frédéric…
545a57e3 · lpsolit%gmail.com · c7bb724e · 545a57e3
Commit 545a57e3 authored Dec 12, 2005 by lpsolit%gmail.com
Show whitespace changes
Inline Side-by-side

Showing with 9 additions and 1 deletion

checksetup.pl checksetup.pl +9 -1

No files found.
--- a/checksetup.pl
+++ b/checksetup.pl
@@ -1014,7 +1014,7 @@ if ($my_create_htaccess) {
    open HTACCESS, '>', '.htaccess';
    print HTACCESS <<'END';
 # don't allow people to retrieve non-cgi executable files or our private data
-<FilesMatch ^(.*\.pl|.*localconfig.*)$>
+<FilesMatch ^(.*\.pm|.*\.pl|.*localconfig.*)$>
  deny from all
 </FilesMatch>
 END
@@ -1028,7 +1028,15 @@ END
      $oldaccess .= $_;
    }
    close HTACCESS;
+    my $repaired = 0;
    if ($oldaccess =~ s/\|localconfig\|/\|.*localconfig.*\|/) {
+        $repaired = 1;
+    }
+    if ($oldaccess !~ /\(\.\*\\\.pm\|/) {
+        $oldaccess =~ s/\(/(.*\\.pm\|/;
+        $repaired = 1;
+    }
+    if ($repaired) {
      print "Repairing .htaccess...\n";
      open HTACCESS, '>', '.htaccess';
      print HTACCESS $oldaccess;