codesite-noreply at google
Sep 26, 2009, 2:55 PM
Post #1 of 1
(247 views)
Permalink
|
|
Issue 586 in cherokee: Drupal wizard does not secure internal files
|
|
Status: New
Owner: ----
New issue 586 by praseodym: Drupal wizard does not secure internal files
http://code.google.com/p/cherokee/issues/detail?id=586
The official Drupal htaccess provides the following rule to prevent access
to internal files, such as
module code.
<FilesMatch "\.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|
tpl(\.php)?
|xtmpl)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template)$">
Order allow,deny
</FilesMatch>
It would be greatly appreciated if a similar rule would be added to the
Drupal wizard by default.
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
_______________________________________________
Cherokee-dev mailing list
Cherokee-dev [at] lists
http://lists.octality.com/listinfo/cherokee-dev
|
