composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-12 23:14:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

N°7331 - Ensure to keep folder browsing protection files after install/update command

Browse Source
This commit is contained in:
Molkobain
2024-03-11 14:46:53 +01:00
parent f3dd414a51
commit 8c1d986a03
5 changed files with 68 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
.make/dependencies/npm/restoreFolderBrowsingProtection.php Normal file
View File

@@ -0,0 +1,51 @@
<?php
/**
* Copyright (C) 2010-2023 Combodo SARL
*
* This file is part of iTop.
*
* iTop is free software; you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* iTop is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with iTop. If not, see <http: *www.gnu.org/licenses/>
*
*/
/**
* Ensure that the files for folder browsing protection (.htaccess, web.config) are kept after an "npm install/update" command
*/
$iTopFolder = __DIR__."/../../../";
require_once("$iTopFolder/approot.inc.php");
$sDependenciesRootFolderAbsPath = APPROOT . "node_modules/";
$aFilesToCheck = [
".htaccess",
"web.config",
];
echo "This command aims at ensuring that folder browsing protection files (.htaccess, web.config) are present in the dependencies folder even after an install/upgrade command\n";
echo "Checking files:\n";
foreach($aFilesToCheck as $sFileToCheck) {
if (file_exists($sDependenciesRootFolderAbsPath . $sFileToCheck)) {
echo "✔️ $sFileToCheck is present\n";
continue;
}
// If missing, copy the one from /lib as it contains the necessary allow/deny directives for third-parties
copy(APPROOT . "lib/$sFileToCheck", $sDependenciesRootFolderAbsPath . $sFileToCheck);
echo "✔️ $sFileToCheck was missing and has been re-created\n";
}
// Ensure separation with following scripts
echo "\n";

9
.make/dependencies/rmUnnecessaryFolders.php
View File

@@ -71,10 +71,10 @@ foreach ($aDeniedButStillPresent as $sDir)
try {
SetupUtils::rrmdir($sDir);
echo "OK Remove denied test dir: '$sDir'\n";
echo "✔️ Remove denied test dir: '$sDir'\n";
}
catch (\Exception $e) {
echo "\nFAILED to remove denied test dir: '$sDir'\n";
echo "\nFAILED to remove denied test dir: '$sDir'\n";
}
}
@@ -89,4 +89,7 @@ if (false === empty($aMissing)) {
echo "Some new tests dirs exists !\n"
.' They must be declared either in the allowed or denied list in '.$sDependenciesHandlerFQCN." (see N°2651).\n"
.' List of dirs:'."\n".var_export($aMissing, true)."\n";
}
}
// Ensure separation with following scripts
echo "\n";