copr: backend: execute PHP only for dir-generator.php
This commit is contained in:
Pavel Raiskup
parent
55528ea6ba
commit
8ba5a4889f
1 changed files with 17 additions and 2 deletions
|
|
@ -88,8 +88,6 @@ server.modules = (
|
|||
{% endif %}
|
||||
)
|
||||
|
||||
cgi.assign = ( ".php" => "/usr/bin/php-cgi" )
|
||||
|
||||
##
|
||||
#######################################################################
|
||||
|
||||
|
|
@ -309,9 +307,26 @@ server.max-keep-alive-idle = 2
|
|||
## index-file.names = ( "index.php", "index.rb", "index.html",
|
||||
## "index.htm", "default.htm" )
|
||||
##
|
||||
|
||||
# Warning: This is sooo ugly.
|
||||
#
|
||||
# We only ever want to enable PHP CGI for the index generator file
|
||||
# 'dir-generator.phpj, nothing else - so people can not execute their own
|
||||
# scripts. IOW, non-conditional 'cgi.assign' can not be used!
|
||||
#
|
||||
# To make 'index-file.names' work correctly, we have to set 'cg.assign'
|
||||
# conditionally only on paths that both (a) end by slash (= directories) and
|
||||
# (b) do not contain 'dir-generator' string. This guards against
|
||||
# '/some/dir-generator.php/' hacks.
|
||||
|
||||
index-file.names = (
|
||||
"/dir-generator.php"
|
||||
)
|
||||
$HTTP["url"] =~ "/$" {
|
||||
$HTTP["url"] !~ "dir-generator" {
|
||||
cgi.assign = ( "/dir-generator.php" => "/usr/bin/php-cgi" )
|
||||
}
|
||||
}
|
||||
|
||||
##
|
||||
## deny access the file-extensions
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue