seeddms-code/.htaccess

Options -Indexes

<IfModule mod_headers.c>
Header set Strict-Transport-Security: "max-age=15768000; includeSubDomains; preload"
Header set X-Content-Type-Options: "nosniff"
</IfModule>

RewriteEngine On
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
#RewriteRule "^favicon\.ico$" "-" [L]
#RewriteRule "^(favicon\.ico)$" %{HTTP_HOST}/views/bootstrap/images/favicon.svg [L,NC]
RewriteRule "^(favicon\.ico)" /views/bootstrap/images/favicon.svg [L,NC]

# Store the current location in an environment variable CWD to use
# mod_rewrite in .htaccess files without knowing the RewriteBase
RewriteCond $0#%{REQUEST_URI} ([^#]*)#(.*)\1$
RewriteRule ^.*$ - [E=CWD:%2]

# Do not allow access on the other directories in www
RewriteRule "^utils/.*$" "" [F]
RewriteRule "^doc/.*$" "" [F]

# Anything below the following dirs will never be rewritten
RewriteRule "^pdfviewer/.*$" "-" [L]
RewriteRule "^views/.*/images.*$" "-" [L]
RewriteRule "^out/images.*$" "-" [L]
RewriteRule "^styles/.*$" "-" [L]

# Accessing a file in an extension is only possible in one
# of the directories op, out. res
# Added for old extensions which do not use routes
RewriteRule ^ext/[^/]+/icon.(?:png|svg)$ - [L]
RewriteCond %{REQUEST_URI} "ext/[^/]+/"
RewriteRule !^ext/[^/]+/.*(?:op|out|res|node_modules) - [F]
RewriteCond %{REQUEST_URI} "ext/[^/]+/res/.*$" [NC]
RewriteRule !^ext/[^/]+/res/.*\.(?:css|js|png|gif|svg|ico|html|woff|ttf) - [F]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^ext/.*$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L]
disallow directory index 2020-02-12 18:14:06 +00:00			`Options -Indexes`

set some security headers 2021-03-10 10:59:19 +00:00			`<IfModule mod_headers.c>`
			`Header set Strict-Transport-Security: "max-age=15768000; includeSubDomains; preload"`
			`Header set X-Content-Type-Options: "nosniff"`
			`</IfModule>`

.htaccess needed for new router code 2019-01-15 12:58:10 +00:00			`RewriteEngine On`
set HTTP_AUTHORIZATION header 2024-01-12 13:30:46 +00:00			`RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]`
fix rewrite rule for favicon 2021-10-08 08:03:03 +00:00			`#RewriteRule "^favicon\.ico$" "-" [L]`
			`#RewriteRule "^(favicon\.ico)$" %{HTTP_HOST}/views/bootstrap/images/favicon.svg [L,NC]`
allow facicon in extensions 2022-11-04 19:38:09 +00:00			`RewriteRule "^(favicon\.ico)" /views/bootstrap/images/favicon.svg [L,NC]`
rewrite favicon.ico 2019-01-18 12:04:19 +00:00
.htaccess needed for new router code 2019-01-15 12:58:10 +00:00			`# Store the current location in an environment variable CWD to use`
			`# mod_rewrite in .htaccess files without knowing the RewriteBase`
			`RewriteCond $0#%{REQUEST_URI} ([^#])#(.)\1$`
			`RewriteRule ^.*$ - [E=CWD:%2]`

protect utils and doc directory 2019-07-30 14:31:21 +00:00			`# Do not allow access on the other directories in www`
			`RewriteRule "^utils/.*$" "" [F]`
			`RewriteRule "^doc/.*$" "" [F]`

.htaccess needed for new router code 2019-01-15 12:58:10 +00:00			`# Anything below the following dirs will never be rewritten`
			`RewriteRule "^pdfviewer/.*$" "-" [L]`
all rewrite rule for all views, not just bootstrap 2020-08-27 05:53:22 +00:00			`RewriteRule "^views/./images.$" "-" [L]`
.htaccess needed for new router code 2019-01-15 12:58:10 +00:00			`RewriteRule "^out/images.*$" "-" [L]`
			`RewriteRule "^styles/.*$" "-" [L]`

more access restrictions on files in extensions 2022-04-19 09:02:27 +00:00			`# Accessing a file in an extension is only possible in one`
			`# of the directories op, out. res`
.htaccess needed for new router code 2019-01-15 12:58:10 +00:00			`# Added for old extensions which do not use routes`
more access restrictions on files in extensions 2022-04-19 09:02:27 +00:00			`RewriteRule ^ext/[^/]+/icon.(?:png\|svg)$ - [L]`
			`RewriteCond %{REQUEST_URI} "ext/[^/]+/"`
allow ext/*/node_modules 2022-06-16 10:45:56 +00:00			`RewriteRule !^ext/[^/]+/.*(?:op\|out\|res\|node_modules) - [F]`
more access restrictions on files in extensions 2022-04-19 09:02:27 +00:00			`RewriteCond %{REQUEST_URI} "ext/[^/]+/res/.*$" [NC]`
allow ttf files in directory 'res' 2023-11-23 14:50:25 +00:00			`RewriteRule !^ext/[^/]+/res/.*\.(?:css\|js\|png\|gif\|svg\|ico\|html\|woff\|ttf) - [F]`
.htaccess needed for new router code 2019-01-15 12:58:10 +00:00			`RewriteCond %{REQUEST_FILENAME} -f`
more access restrictions on files in extensions 2022-04-19 09:02:27 +00:00			`RewriteRule ^ext/.*$ - [L]`
.htaccess needed for new router code 2019-01-15 12:58:10 +00:00
			`RewriteCond %{REQUEST_FILENAME} !-f`
			`RewriteCond %{REQUEST_FILENAME} !-d`
			`RewriteCond %{REQUEST_FILENAME} !-l`
			`RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L]`