fix downloading dotfiles through ownCloud's webdav

fixes #414
This commit is contained in:
Joshua Tauberer 2015-05-30 18:03:37 +00:00
parent 49aa367ffa
commit a0e6c7ceb6
2 changed files with 15 additions and 7 deletions

View file

@ -24,6 +24,7 @@
# /cloud/index.php/apps/files/ # /cloud/index.php/apps/files/
# /cloud/index.php/apps/files/ajax/scan.php (it's really index.php; see 6fdef379adfdeac86cc2220209bdf4eb9562268d) # /cloud/index.php/apps/files/ajax/scan.php (it's really index.php; see 6fdef379adfdeac86cc2220209bdf4eb9562268d)
# /cloud/ocs/v1.php/apps/files_sharing/api/v1 (see #240) # /cloud/ocs/v1.php/apps/files_sharing/api/v1 (see #240)
# /cloud/remote.php/webdav/yourfilehere...
include fastcgi_params; include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2; fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2;
fastcgi_param SCRIPT_NAME $1$2; fastcgi_param SCRIPT_NAME $1$2;

View file

@ -54,13 +54,6 @@ server {
alias /var/lib/mailinabox/mozilla-autoconfig.xml; alias /var/lib/mailinabox/mozilla-autoconfig.xml;
} }
# Disable viewing dotfiles (.htaccess, .svn, .git, etc.)
location ~ /\.(ht|svn|git|hg|bzr) {
log_not_found off;
access_log off;
deny all;
}
# Roundcube Webmail configuration. # Roundcube Webmail configuration.
rewrite ^/mail$ /mail/ redirect; rewrite ^/mail$ /mail/ redirect;
rewrite ^/mail/$ /mail/index.php; rewrite ^/mail/$ /mail/index.php;
@ -106,4 +99,18 @@ server {
# ADDITIONAL DIRECTIVES HERE # ADDITIONAL DIRECTIVES HERE
# Disable viewing dotfiles (.htaccess, .svn, .git, etc.)
# This block is placed at the end. Nginx's precedence rules means this block
# takes precedence over all non-regex matches and only regex matches that
# come after it (i.e. none of those, since this is the last one.) That means
# we're blocking dotfiles in the static hosted sites but not the FastCGI-
# handled locations for ownCloud (which serves user-uploaded files that might
# have this pattern, see #414) or some of the other services.
location ~ /\.(ht|svn|git|hg|bzr) {
log_not_found off;
access_log off;
deny all;
}
} }