Overview

File seeddms.conf of Package seeddms

Alias /seeddms "/srv/www/seeddms"

<Directory "/srv/www/seeddms">

    AllowOverride All
    Options FollowSymLinks
    <IfModule mod_authz_core.c>
      # Apache 2.4
      Require all granted
    </IfModule>
    <IfModule !mod_authz_core.c>
      # Apache 2.2
      Order allow,deny
      Allow from all
    </IfModule>
    
    Options -Indexes

    <IfModule mod_headers.c>
        Header set Strict-Transport-Security: "max-age=15768000; includeSubDomains; preload"
        Header set X-Content-Type-Options: "nosniff"
    </IfModule>

    RewriteEngine On
    #RewriteRule "^favicon\.ico$" "-" [L]
    #RewriteRule "^(favicon\.ico)$" %{HTTP_HOST}/views/bootstrap/images/favicon.svg [L,NC]
    RewriteRule "(favicon\.ico)" /views/bootstrap/images/favicon.svg [L,NC]

    # Store the current location in an environment variable CWD to use
    # mod_rewrite in .htaccess files without knowing the RewriteBase
    RewriteCond $0#%{REQUEST_URI} ([^#]*)#(.*)\1$
    RewriteRule ^.*$ - [E=CWD:%2]

    # Do not allow access on the other directories in www
    RewriteRule "^utils/.*$" "" [F]
    RewriteRule "^doc/.*$" "" [F]

    # Anything below the following dirs will never be rewritten
    RewriteRule "^pdfviewer/.*$" "-" [L]
    RewriteRule "^views/.*/images.*$" "-" [L]
    RewriteRule "^out/images.*$" "-" [L]
    RewriteRule "^styles/.*$" "-" [L]

    # Accessing a file in an extension is only possible in one
    # of the directories op, out. res
    # Added for old extensions which do not use routes
    RewriteRule ^ext/[^/]+/icon.(?:png|svg)$ - [L]
    RewriteCond %{REQUEST_URI} "ext/[^/]+/"
    RewriteRule !^ext/[^/]+/.*(?:op|out|res|node_modules) - [F]
    RewriteCond %{REQUEST_URI} "ext/[^/]+/res/.*$" [NC]
    RewriteRule !^ext/[^/]+/res/.*\.(?:css|js|png|svg) - [F]
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule ^ext/.*$ - [L]

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-l
    RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L]
    
</Directory>


<Directory "/srv/www/seeddms/op">
    RewriteEngine on
    RewriteCond %{REQUEST_URI} (.*)viewonline/([0-9]+)/([0-9]+)/(.+)$
    RewriteRule (.*)viewonline/([0-9]+)/([0-9]+)/(.+)$ $1op.ViewOnline.php?request=$2:$3 [PT]
</Directory>

<Directory "/srv/www/seeddms/restapi">
    RewriteEngine on
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    <Files ~ "^swagger\.yaml">
        SetHandler application/x-httpd-php
    <IfModule mod_headers.c>
        Header set Access-Control-Allow-Origin "*"
        Header set Access-Control-Allow-Methods "GET"
        Header set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Accept, Origin, Authorization"
    </IfModule>
    </Files>
</Directory>

<Directory "/srv/www/seeddms/styles">
    Options -Indexes
</Directory>

<Directory "/srv/www/seeddms/utils">
    # line below if for Apache 2.4
    <ifModule mod_authz_core.c>
        Require all denied
    </ifModule>
    # line below if for Apache 2.2
    <ifModule !mod_authz_core.c>
        deny from all
        Satisfy All
    </ifModule>
    # section for Apache 2.2 and 2.4
    <ifModule mod_autoindex.c>
        IndexIgnore *
    </ifModule>
</Directory>

<Directory "/srv/www/seeddms/webdav">
    RewriteEngine on
    RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
</Directory>

<Directory "/etc/seeddms">
    # Make sure settings.xml can not be opened from outside!
    # Deny all requests from Apache 2.4+.
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    # Deny all requests from Apache 2.0-2.2.
    <IfModule !mod_authz_core.c>
        Deny from all
    </IfModule>
</Directory>
openSUSE Build Service is sponsored by
Places