Release v0.9.6

-----BEGIN PGP SIGNATURE----- iQFLBAABCAA1FiEEEv0k8DWUT53dSMUkR6bSrUEA328FAlq349YXHHZpcnR1YWx0 YW1AZmxpYmlkaS5uZXQACgkQR6bSrUEA32+riAf/UmmxZHmoNnSBGqleKtIoTVLn 71zPp9LuQiWxRNOd4oZMi6GWj4kxpwOzDhhkQ9Y7ywTX9K5/ilg2FD2LiJEd5FCt xzAeyp+jCThZwlxXOwnPPwD6WtmBf0nkf2j7mNIQq3wmZEQSRkyuE2n0pugaXzXF Xe2/plQ72YuARDsoJCkgQqmrK1DBSqE4YPmtpIHnG2k565NUPbZgtORrhcBrJPVc 2X11DOvtHMoTJADSS+QoBr6r9PQhBonMBGRDhQJN+g3sg1TNv8mQtb4r2F0YU06w 3cYWMQbBK/rL0KJeJ8ix8xpyCz0dmBLsTnjhIDkTNyy6AyyLBhOXU7DA2rhWdg== =xtBU -----END PGP SIGNATURE----- Merge tag 'v0.9.6' into latest Release v0.9.6
2018-03-25 20:04:42 +02:00 · 2018-03-25 20:04:42 +02:00 · 76004d331b
parent 2c6e9ce465 e36479d9ff
commit 76004d331b
3 changed files with 18 additions and 2 deletions
--- a/.htaccess
+++ b/.htaccess
@ -1,4 +1,16 @@
+# Disable directory listing
+Options -Indexes
+
 RewriteEngine On
+
+# Prevent accessing subdirectories not managed by SCM
+RewriteRule ^(.git|doxygen|vendor) - [F]
+
+# Forward the "Authorization" HTTP header
+RewriteCond %{HTTP:Authorization} ^(.*)
+RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+
+# REST API
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule ^ index.php [QSA,L]
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,7 +4,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).

-## [v0.10.0](https://github.com/shaarli/Shaarli/releases/tag/v0.10.0) - UNPUBLISHED
+## [v0.9.6](https://github.com/shaarli/Shaarli/releases/tag/v0.9.6) - 2018-03-25
+## Changed
+- htaccess: prevent accessing resources not managed by SCM
+- htaccess: always forward the 'Authorization' HTTP header
+

 ## [v0.9.5](https://github.com/shaarli/Shaarli/releases/tag/v0.9.5) - 2018-02-02
 ### Fixed
--- a/shaarli_version.php
+++ b/shaarli_version.php
@ -1 +1 @@
-<?php /* 0.9.5 */ ?>
+<?php /* 0.9.6 */ ?>