# Prevent accessing subdirectories not managed by SCM
RewriteRule ^(.git|doxygen|vendor) - [F]
+# Forward the "Authorization" HTTP header
+RewriteCond %{HTTP:Authorization} ^(.*)
+RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+
# REST API
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
## [v0.10.0](https://github.com/shaarli/Shaarli/releases/tag/v0.10.0) - UNPUBLISHED
+
+## [v0.9.6](https://github.com/shaarli/Shaarli/releases/tag/v0.9.6) - 2018-03-25
+## Changed
+- htaccess: prevent accessing resources not managed by SCM
+- htaccess: always forward the 'Authorization' HTTP header
+
+
## [v0.9.5](https://github.com/shaarli/Shaarli/releases/tag/v0.9.5) - 2018-02-02
### Fixed
- Fix a warning happening when `php-intl` is not installed on the system
[![](https://img.shields.io/badge/stable-v0.8.6-blue.svg)](https://github.com/shaarli/Shaarli/releases/tag/v0.8.6)
[![](https://img.shields.io/travis/shaarli/Shaarli/stable.svg?label=stable)](https://travis-ci.org/shaarli/Shaarli)
•
-[![](https://img.shields.io/badge/latest-v0.9.5-blue.svg)](https://github.com/shaarli/Shaarli/releases/tag/v0.9.5)
+[![](https://img.shields.io/badge/latest-v0.9.6-blue.svg)](https://github.com/shaarli/Shaarli/releases/tag/v0.9.6)
[![](https://img.shields.io/travis/shaarli/Shaarli/latest.svg?label=latest)](https://travis-ci.org/shaarli/Shaarli)
•
[![](https://img.shields.io/badge/master-v0.10.x-blue.svg)](https://github.com/shaarli/Shaarli)
In most cases, you should download the latest Shaarli release from the [releases](https://github.com/shaarli/Shaarli/releases) page. **Download our *shaarli-full* archive** to include dependencies.
-The current latest released version is `v0.9.3`
+The current latest released version is `v0.9.6`
```bash
-$ wget https://github.com/shaarli/Shaarli/releases/download/v0.9.3/shaarli-v0.9.3-full.zip
-$ unzip shaarli-v0.9.3-full.zip
+$ wget https://github.com/shaarli/Shaarli/releases/download/v0.9.6/shaarli-v0.9.6-full.zip
+$ unzip shaarli-v0.9.6-full.zip
$ mv Shaarli /path/to/shaarli/
```
### Note your current version
If anything goes wrong, it's important for us to know which version you're upgrading from.
-The current version is present in the `version.php` file.
+The current version is present in the `shaarli_version.php` file.
### Backup your data
&& cd shaarli \
&& composer --prefer-dist --no-dev install \
&& rm -rf ~/.composer \
- && chown -R nginx:nginx .
+ && chown -R nginx:nginx . \
+ && ln -sf /dev/stdout /var/log/nginx/shaarli.access.log \
+ && ln -sf /dev/stderr /var/log/nginx/shaarli.error.log
VOLUME /var/www/shaarli/data
&& cd shaarli \
&& composer --prefer-dist --no-dev install \
&& rm -rf ~/.composer \
- && chown -R nginx:nginx .
+ && chown -R nginx:nginx . \
+ && ln -sf /dev/stdout /var/log/nginx/shaarli.access.log \
+ && ln -sf /dev/stderr /var/log/nginx/shaarli.error.log
VOLUME /var/www/shaarli/data
WORKDIR /var/www
COPY --from=composer /app/shaarli shaarli
-RUN chown -R nginx:nginx .
+RUN chown -R nginx:nginx . \
+ && ln -sf /dev/stdout /var/log/nginx/shaarli.access.log \
+ && ln -sf /dev/stderr /var/log/nginx/shaarli.error.log
+
VOLUME /var/www/shaarli/data
EXPOSE 80
WORKDIR /var/www
COPY --from=composer /app/shaarli shaarli
-RUN chown -R nginx:nginx .
+RUN chown -R nginx:nginx . \
+ && ln -sf /dev/stdout /var/log/nginx/shaarli.access.log \
+ && ln -sf /dev/stderr /var/log/nginx/shaarli.error.log
+
VOLUME /var/www/shaarli/data
EXPOSE 80
{include="page.header"}
<div id="headerform">
- {if="!ban_canLogin($conf)"}
+ {if="!$user_can_login"}
You have been banned from login after too many failed attempts. Try later.
{else}
<form method="post" name="loginform">