2018-01-20 16:20:53 +01:00
|
|
|
# Disable directory listing
|
|
|
|
|
Options -Indexes
|
|
|
|
|
|
2016-12-15 10:13:00 +01:00
|
|
|
RewriteEngine On
|
2018-01-20 16:20:53 +01:00
|
|
|
|
|
|
|
|
# Prevent accessing subdirectories not managed by SCM
|
|
|
|
|
RewriteRule ^(.git|doxygen|vendor) - [F]
|
|
|
|
|
|
2018-03-22 22:23:41 +01:00
|
|
|
# Forward the "Authorization" HTTP header
|
**General rewording, proof-reading, deduplication, shortening, reordering, simplification, cleanup/formatting/standardization**
- standardize page names, rework documentation structure, update TOC
- use same example paths everywhere
- level 1 titles on all pages
- fix broken links
- .md suffix on all page links (works both from readthedocs and github repository views)
**Server:**
A full and concise installation guide with examples is a frequent request. The documentation should provide such a guide for basic installation needs, while explaining alternative/advanced configuration at the end. Links to reference guides and documentation should be used more frequently to avoid recommending an outdated or excessively complex configuration.
- server: move most server-related info to server-configuration.md, cleanup/shorten
- server: update list of php dependencies/libraries, link to composer.json
- server: installation: support 3 install methods (from release zip, from sources, using docker)
- server: installation: use rsync instead of mv as mv results will change depending of taget directory already existing or not
- server: add example/basic usage of certbot
- server, upgrade, installation: update file permissions setup, use sudo for upgrade operations in webserver document root
- server: apache: add comments to configuration, fix and factorize file permissions setup, set cache-control header, deny access to dotfiles, add missing apache config steps, add http->https redirect example
- server: nginx: refactor nginx configuration, add comments, DO log access to denied/protected files
- server: add links to MDN for x-forwarded-* http headers explanation, cleanup/clarify robots.txt and crawlers section
- server: bump file upload size limit to 100MB we have reports of bookmark exports weighing +40MB - i have a 13MB one here
- server: simplify phpinfo documentation
- server: move backup and restore information to dedicated page
- docker: move all docker docs to Docker.md, simplify/ docker setup, add docker-compose.yml example, replace docker-101 with docker cheatsheet
- troubleshooting: move all troubleshooting documentation to troubleshooting.md
**Usage:**
- index: add getting started section on index page
- features/usage: move all usage-related documentation to usage.md, add links from the main feature list to corresponding usage docs, clarify/reword features list
- shaarli configuration: add note about configuring from web interface
**Removed:**
- remove obsolete/orphan images
- remove obsolete shaarchiver example
- remove outdated "decode datastore content" snippet
**Development:**
- development: move development-related docs (static analysis, CI, unit tests, 3rd party libs, link structure/directory, guidelines, security....) to dev/ directory
- development: Merge several pages to development.md
- **Breaking change?:** remove mentions of 'stable' branch, switch to new branch/release model (master=latest commit, release=latest tag)
- **Breaking change?:** refer to base sharing unit as "Shaare" everywhere (TODO: reflect changes in the code?) doc: update featues list/link to usage.md for details
- development: directory structure: add note about required file permissions
- .travis-ci.yml: add comments
- .htaccess: add comment
2020-05-16 12:54:51 +02:00
|
|
|
# fixes JWT token not correctly forwarded on some Apache/FastCGI setups
|
2018-03-22 22:23:41 +01:00
|
|
|
RewriteCond %{HTTP:Authorization} ^(.*)
|
|
|
|
|
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
|
|
|
|
|
|
2018-01-20 16:20:53 +01:00
|
|
|
# REST API
|
2016-12-15 10:13:00 +01:00
|
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
|
|
|
RewriteCond %{REQUEST_FILENAME} !-d
|
|
|
|
|
RewriteRule ^ index.php [QSA,L]
|
2018-07-05 20:47:26 +02:00
|
|
|
|
|
|
|
|
<Limit GET POST PUT DELETE OPTIONS>
|
2018-08-10 17:45:29 +02:00
|
|
|
<IfModule version_module>
|
|
|
|
|
<IfVersion >= 2.4>
|
|
|
|
|
Require all granted
|
|
|
|
|
</IfVersion>
|
|
|
|
|
<IfVersion < 2.4>
|
|
|
|
|
Allow from all
|
|
|
|
|
Deny from none
|
|
|
|
|
</IfVersion>
|
|
|
|
|
</IfModule>
|
|
|
|
|
|
|
|
|
|
<IfModule !version_module>
|
2018-07-05 20:47:26 +02:00
|
|
|
Require all granted
|
2018-08-10 17:45:29 +02:00
|
|
|
</IfModule>
|
2018-07-05 20:47:26 +02:00
|
|
|
</Limit>
|
2018-08-10 17:45:29 +02:00
|
|
|
|
2018-07-05 20:47:26 +02:00
|
|
|
<LimitExcept GET POST PUT DELETE OPTIONS>
|
2018-08-10 17:45:29 +02:00
|
|
|
<IfModule version_module>
|
|
|
|
|
<IfVersion >= 2.4>
|
|
|
|
|
Require all denied
|
|
|
|
|
</IfVersion>
|
|
|
|
|
<IfVersion < 2.4>
|
|
|
|
|
Allow from none
|
|
|
|
|
Deny from all
|
|
|
|
|
</IfVersion>
|
|
|
|
|
</IfModule>
|
|
|
|
|
|
|
|
|
|
<IfModule !version_module>
|
2018-07-05 20:47:26 +02:00
|
|
|
Require all denied
|
2018-08-10 17:45:29 +02:00
|
|
|
</IfModule>
|
2018-07-05 20:47:26 +02:00
|
|
|
</LimitExcept>
|
