Bug 319241: Bugzilla.pm is freely accessible from the web - Patch by Frédéric Buclin...

author lpsolit%gmail.com <>

Mon, 12 Dec 2005 10:55:46 +0000 (10:55 +0000)

committer lpsolit%gmail.com <>

Mon, 12 Dec 2005 10:55:46 +0000 (10:55 +0000)
author lpsolit%gmail.com <>
Mon, 12 Dec 2005 10:55:46 +0000 (10:55 +0000)
committer lpsolit%gmail.com <>
Mon, 12 Dec 2005 10:55:46 +0000 (10:55 +0000)
diff --git a/checksetup.pl b/checksetup.pl

index 5d901b646b57a28e691e109a913d3d3478a68235..614d1d7aa71e603e34a97263d2924fc22c1f0c59 100755 (executable)
--- a/checksetup.pl
+++ b/checksetup.pl
@@ -1014,7 +1014,7 @@ if ($my_create_htaccess) {
      open HTACCESS, '>', '.htaccess';
      print HTACCESS <<'END';
  # don't allow people to retrieve non-cgi executable files or our private data
-<FilesMatch ^(.*\.pl|.*localconfig.*)$>
+<FilesMatch ^(.*\.pm|.*\.pl|.*localconfig.*)$>
    deny from all
  </FilesMatch>
  END
@@ -1028,7 +1028,15 @@ END
        $oldaccess .= $_;
      }
      close HTACCESS;
+    my $repaired = 0;
      if ($oldaccess =~ s/\|localconfig\|/\|.*localconfig.*\|/) {
+        $repaired = 1;
+    }
+    if ($oldaccess !~ /\(\.\*\\\.pm\|/) {
+        $oldaccess =~ s/\(/(.*\\.pm\|/;
+        $repaired = 1;
+    }
+    if ($repaired) {
        print "Repairing .htaccess...\n";
        open HTACCESS, '>', '.htaccess';
        print HTACCESS $oldaccess;
author	lpsolit%gmail.com <>
	Mon, 12 Dec 2005 10:55:46 +0000 (10:55 +0000)
committer	lpsolit%gmail.com <>
	Mon, 12 Dec 2005 10:55:46 +0000 (10:55 +0000)