Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 PST on 31 March 2024, to get $100 off your ticket.
Comment | File | Size | Author |
---|---|---|---|
#4 | 3047412-4.patch | 1.66 KB | mcdruid |
Comment | File | Size | Author |
---|---|---|---|
#4 | 3047412-4.patch | 1.66 KB | mcdruid |
Comments
Comment #2
mcdruidApache before:
...and after:
Need to test on IIS.
Comment #3
mcdruidAdding the slash to
web\.config
in the web.config file per @rabbitlair in #2948579-25: Block web.config in .htaccess (and vice-versa).Comment #4
mcdruidSame change as last patch in the parent/D8 issue; removing the web.config rule from the web.config file so that the two webservers are only blocking each other's config files.
This was just committed to D8 so I'm going to mark it RTBC if the tests pass here.
Comment #5
mcdruidComment #6
beckydev CreditAttribution: beckydev commentedTested patch in #4 from an Apache environment. Confirmed web.config is no longer served up (403), +1 RTBC.
Comment #7
mcdruidComment #8
joseph.olstadComment #9
joseph.olstadComment #10
mcdruidn.b. we need to update issue credit here based on the D8 parent when this is committed.
Comment #11
Fabianx CreditAttribution: Fabianx as a volunteer and at Tag1 Consulting commentedRTBM (ready to be merged)
Please go ahead and commit this.
Comment #20
mcdruidAdding issue credit from the D8 parent issue #2948579: Block web.config in .htaccess (and vice-versa).
Comment #22
mcdruidThank you everyone that contributed!
Comment #23
mcdruidComment #24
joseph.olstadThumbs up!