@@ -26,7 +26,7 @@
memoize("file_pruned");
- sub defaultconfig () { #{{{
+ sub defaultconfig () {
- wiki_file_prune_regexps => [qr/\.\./, qr/^\./, qr/\/\./,
+ wiki_file_prune_regexps => [qr/\.\./, qr/^\.(?!htaccess)/, qr/\/\.(?!htaccess)/,
qr/\.x?html?$/, qr/\.ikiwiki-new$/,
qr/(^|\/).svn\//, qr/.arch-ids\//, qr/{arch}\//],
wiki_link_regexp => qr/\[\[(?:([^\]\|]+)\|)?([^\s\]#]+)(?:#([^\s\]]+))?\]\]/,
-[[tag patch]]
+> Note that the above patch is **completely broken**.
+> It removes the crucial excludes of all files starting with a dot.
+> The negative regexps for htaccess have no effect, so the whole
+> thing only "works" because it allows *any* file starting with a dot.
+> If you applied this patch to your ikiwiki, you opened a huge security
+> hole. --[[Joey]]
+
+[[!tag patch patch/core]]
This lets the site administrator have a `.htaccess` file in their underlay
directory, say, then get it copied over when the wiki is built. Without
That way I have revision control on that file too. That may be a security concern, but I trust everybody that has svn commit
access and such .htaccess files should not be accessible through wiki cgi. Of course, it could default to 'off'.
-> See [[debbug 447267]] for a patch for this.
+> See [[!debbug 447267]] for a patch for this.
+
+>> It looks to me as though this functionality won't be included in ikiwiki
+>> unless someone who wants it takes responsibility for updating the patch
+>> from that Debian bug to be applicable to current versions, so that there's a
+>> setup file parameter for extra filenames to allow, defaulting to none
+>> (i.e. a less simplistic patch than the one at the top of this page).
+>> Joey, is this an accurate summary? --[[smcv]]
---
-bump! I would like to see some form of this functionality included in ikiwiki. I use patched version, but
-its a bit of a PITA to constantly apply it. I know that security concern important, but I use ikiwiki for a very small group
-of people collaborating and svn/web access is under control and htaccess is for limiting access to some areas of wiki.
+bump! I would like to see some form of this functionality included in ikiwiki. I use a patched version, but
+its a bit of a PITA to constantly apply it (and to forget sometimes!). I know that security concern is important to consider,
+but I use ikiwiki with a very small group of people collaborating so svn/web access is under control
+and htaccess is for limiting access to some areas of wiki.
It should be off by default of course. --Max
-[[tag patch]]
+---
++1 I want `.htaccess` so I can rewrite some old Wordpress URLs to make feeds work again. --[[hendry]]
+
+> Unless you cannot modify apache's configuration, you do not need htaccess
+> to do that. Apache's documentation recommends against using htaccess
+> unless you're a user who cannot modify the main server configuration.
+> --[[Joey]]
+
+---
++1 for various purposes (but sometimes the filename isn't `.htaccess`, so please make it configurable) --[[schmonz]]
+
+> I've described a workaround for one use case at the [[plugins/rsync]] [[plugins/rsync/discussion]] page. --[[schmonz]]
+
+---
+
+[[done]], you can use the `include` setting to override the default
+excludes now. Please use extreme caution when doing so. --[[Joey]]