diff options
| -rw-r--r-- | .htaccess.dist | 4 | ||||
| -rw-r--r-- | p/.htaccess | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/.htaccess.dist b/.htaccess.dist index 8821ae1ea..18475b849 100644 --- a/.htaccess.dist +++ b/.htaccess.dist @@ -1,7 +1,7 @@ # Copy this file to `.htaccess` for additional root-level protection # if you cannot set Apache `DocumentRoot` to `./p/` as recommended. -# Deny files starting with a dot, or without extension, or not in a whitelist of extensions -<FilesMatch "^\.|^[^.]+$|\.(?!css|gif|html|ico|js|php|png|svg|txt|woff|woff2)[^.]*$"> +# Deny files starting with a dot, or without extension (except some), or not in a whitelist of extensions +<FilesMatch "^\.|^(?!oidc)[^.]+$|\.(?!css|gif|html|ico|js|php|png|svg|txt|woff|woff2)[^.]*$"> Require all denied </FilesMatch> diff --git a/p/.htaccess b/p/.htaccess index 94c4e08e5..40dd7e51f 100644 --- a/p/.htaccess +++ b/p/.htaccess @@ -1,6 +1,6 @@ <IfModule mod_authz_core.c> - # Deny files starting with a dot, or without extension, or not in a whitelist of extensions - <FilesMatch "^\.|^[^.]+$|\.(?!css|gif|html|ico|js|php|png|svg|txt|woff|woff2)[^.]*$"> + # Deny files starting with a dot, or without extension (except some), or not in a whitelist of extensions + <FilesMatch "^\.|^(?!oidc)[^.]+$|\.(?!css|gif|html|ico|js|php|png|svg|txt|woff|woff2)[^.]*$"> Require all denied </FilesMatch> </IfModule> |