X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=.htaccess;h=25fcfb034ee3e1bf1149eafdfccc5b9d27803fe2;hb=48df9f45b8c4b2995c1e04146071628668531b37;hp=4c00427195ecb0998589fc09dd02fa8580d97a3e;hpb=e95247d41dbe3b46c83d97f2a9d0e7bd1194bf08;p=github%2Fshaarli%2FShaarli.git

diff --git a/.htaccess b/.htaccess
index 4c004271..25fcfb03 100644
--- a/.htaccess
+++ b/.htaccess
@@ -7,31 +7,20 @@ RewriteEngine On
 RewriteRule ^(.git|doxygen|vendor) - [F]
 
 # Forward the "Authorization" HTTP header
+# fixes JWT token not correctly forwarded on some Apache/FastCGI setups
 RewriteCond %{HTTP:Authorization} ^(.*)
 RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+# Alternative (if the 2 lines above don't work)
+# SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
 
 # REST API
+# Ionos Hosting needs RewriteBase /
+# RewriteBase /
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule ^ index.php [QSA,L]
 
-<Limit GET POST PUT DELETE OPTIONS>
-  <IfModule version_module>
-    <IfVersion >= 2.4>
-       Require all granted
-    </IfVersion>
-    <IfVersion < 2.4>
-       Allow from all
-       Deny from none
-    </IfVersion>
-  </IfModule>
-
-  <IfModule !version_module>
-    Require all granted
-  </IfModule>
-</Limit>
-
-<LimitExcept GET POST PUT DELETE OPTIONS>
+<LimitExcept GET POST PUT DELETE PATCH OPTIONS>
   <IfModule version_module>
     <IfVersion >= 2.4>
        Require all denied