X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=.htaccess;h=8876e346ce70bf3ff951a5ed3e2fe682de837535;hb=dfed9b2dd58cfb82a334f4c9433bfce84426cd34;hp=19dd72a805e7b3bd170c87aabb25ad4764ca179a;hpb=8b48e36594394e367cbb33c7ad1a679ea57c374d;p=github%2Fshaarli%2FShaarli.git
diff --git a/.htaccess b/.htaccess
index 19dd72a8..8876e346 100644
--- a/.htaccess
+++ b/.htaccess
@@ -6,7 +6,44 @@ RewriteEngine On
# Prevent accessing subdirectories not managed by SCM
RewriteRule ^(.git|doxygen|vendor) - [F]
+# Forward the "Authorization" HTTP header
+# fixes JWT token not correctly forwarded on some Apache/FastCGI setups
+RewriteCond %{HTTP:Authorization} ^(.*)
+RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+
# REST API
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [QSA,L]
+
+
+
+ = 2.4>
+ Require all granted
+
+
+ Allow from all
+ Deny from none
+
+
+
+
+ Require all granted
+
+
+
+
+
+ = 2.4>
+ Require all denied
+
+
+ Allow from none
+ Deny from all
+
+
+
+
+ Require all denied
+
+