]> git.immae.eu Git - github/shaarli/Shaarli.git/blobdiff - .htaccess
projects / github / shaarli / Shaarli.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
SessionManager: remove unused UID token
[github/shaarli/Shaarli.git] / .htaccess
diff --git a/.htaccess b/.htaccess
index 66ef8f69ce39e127dc266c9ab3727c4b8be4f9fa..7ba4744b262af9c1ca97f617c4bb60d9510808e9 100644 (file)
--- a/.htaccess
+++ b/.htaccess
@@ -1,4 +1,16 @@
+# Disable directory listing
+Options -Indexes
+
 RewriteEngine On
+
+# Prevent accessing subdirectories not managed by SCM
+RewriteRule ^(.git|doxygen|vendor) - [F]
+
+# Forward the "Authorization" HTTP header
+RewriteCond %{HTTP:Authorization} ^(.*)
+RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+
+# REST API
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule ^ index.php [QSA,L]
The personal, minimalist, super-fast, database free, bookmarking service - community repo