[koha-commits] main Koha release repository branch 19.05.x updated. v19.05.09-93-gd10e44a9d7

Git repo owner gitmaster at git.koha-community.org
Wed Apr 22 22:21:11 CEST 2020


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, 19.05.x has been updated
       via  d10e44a9d7672873147c9b29cb9880ee54c1b9b5 (commit)
      from  d8c747fcf40aa0fac4d4cef8d2a4d5117ce7bf00 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d10e44a9d7672873147c9b29cb9880ee54c1b9b5
Author: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Date:   Thu Jul 14 13:51:21 2016 +0200

    Bug 16922: Add RewriteRule to apache-shared-intranet for dev package installs
    
    As a simple alternative to the solution in bug 9949 or just as an
    additional measure, this patch adds a rewrite rule for intranet
    in order to intercept potential misuse of perl scripts that could be
    reached on a dev package install via the cgi-bin/koha scriptalias.
    
    It simply rewrites them to the nonexistent "notfound", resulting in a
    regular 404 error.
    
    The rewrite rule does not harm regular installs and is just a little extra
    step in securing a dev install. You should have more security measures in
    place to secure your staff client.
    
    QA Note: Although a rewrite rule may not be our first choice, this one
    rule is more elegant and easier to maintain than e.g. a whole bunch of
    aliases.
    
    Note: This patch should have a regular and a dev install signoff.
    
    Test plan:
    [1] Make sure that this rewrite rule is inserted in your actual apache
        config via /etc/koha/apache-shared-intranet.conf. Restart Apache.
    [2] For regular package installs:
        Try one of the URLs in step 3.
        Verify that your staff client still operates as usual. Test a few
        URLs inside some modules.
    [3] For dev installs:
        Try some URLs like below.
        Expect 404 errors only, not 500s. If you do not see a 404, go back!
        /misc/stage_file.pl
        /t/db_dependent/default_search_class.pl
        /installer/data/mysql/updatedatabase.pl
        /Makefile.PL
    [4] Do you see an additional directory to add to the regex? Please report.
    
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    
    Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>
    
    Signed-off-by: Joy Nelson <joy at bywatersolutions.com>
    (cherry picked from commit 3401e94d942a8d8a4e216ea44bd295f96b8f3e24)
    
    Signed-off-by: Lucas Gass <lucas at bywatersolutions.com>

-----------------------------------------------------------------------

Summary of changes:
 debian/templates/apache-shared-intranet.conf | 3 +++
 1 file changed, 3 insertions(+)


hooks/post-receive
-- 
main Koha release repository

