Rework Apache deny access outside p (#7008)

* Rework Apache deny access outside p The deny rules introduced by https://github.com/FreshRSS/FreshRSS/pull/6881 gave problems for API access. See also https://github.com/FreshRSS/FreshRSS/discussions/6879 * Fix scope of deny logic * Fix scope of deny logic * Allow .txt For e.g. `robots.txt`
author: Alexandre Alapetite <alexandre@alapetite.fr> 2024-11-19 21:28:50 +0100
committer: GitHub <noreply@github.com> 2024-11-19 21:28:50 +0100
commit: 6970723aebae7ae90405368e6314e113885cd0de (patch)
tree: e662f00fc1cbc9473cb3cb2261c7caf46adf4062 /p
parent: 966f211202bc2ed6bf56b64e1ea3c4804e93c404 (diff)
2 files changed, 7 insertions, 7 deletions
diff --git a/p/.htaccess b/p/.htaccess
index 40dd7e51f..70bc34710 100644
--- a/p/.htaccess
+++ b/p/.htaccess
@@ -1,10 +1,3 @@
-<IfModule mod_authz_core.c>
-	# Deny files starting with a dot, or without extension (except some), or not in a whitelist of extensions
-	<FilesMatch "^\.|^(?!oidc)[^.]+$|\.(?!css|gif|html|ico|js|php|png|svg|txt|woff|woff2)[^.]*$">
-		Require all denied
-	</FilesMatch>
-</IfModule>
-
 <IfModule mod_dir.c>
 	DirectoryIndex	index.php index.html
 </IfModule>
diff --git a/p/themes/.htaccess b/p/themes/.htaccess
index 0e78aab3a..42732cd38 100644
--- a/p/themes/.htaccess
+++ b/p/themes/.htaccess
@@ -1,3 +1,10 @@
+<IfModule mod_authz_core.c>
+	# Deny files without extension or with specific extensions
+	<FilesMatch "^[^.]+$|\.(json|md|scss|sh)$">
+		Require all denied
+	</FilesMatch>
+</IfModule>
+
 <IfModule mod_mime.c>
 	AddType font/woff .woff
 	AddType font/woff2 .woff2
author	Alexandre Alapetite <alexandre@alapetite.fr>	2024-11-19 21:28:50 +0100
committer	GitHub <noreply@github.com>	2024-11-19 21:28:50 +0100
commit	6970723aebae7ae90405368e6314e113885cd0de (patch)
tree	e662f00fc1cbc9473cb3cb2261c7caf46adf4062 /p
parent	966f211202bc2ed6bf56b64e1ea3c4804e93c404 (diff)