Merge pull request #1234 from virtualtam/lint

[github/shaarli/Shaarli.git] / .htaccess

diff --git a/.htaccess b/.htaccess
index 19dd72a805e7b3bd170c87aabb25ad4764ca179a..4c00427195ecb0998589fc09dd02fa8580d97a3e 100644 (file)
--- a/.htaccess
+++ b/.htaccess
@@ -6,7 +6,43 @@ RewriteEngine On
 # Prevent accessing subdirectories not managed by SCM
 RewriteRule ^(.git|doxygen|vendor) - [F]
 
+# Forward the "Authorization" HTTP header
+RewriteCond %{HTTP:Authorization} ^(.*)
+RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
+
 # REST API
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule ^ index.php [QSA,L]
+
+<Limit GET POST PUT DELETE OPTIONS>
+  <IfModule version_module>
+    <IfVersion >= 2.4>
+       Require all granted
+    </IfVersion>
+    <IfVersion < 2.4>
+       Allow from all
+       Deny from none
+    </IfVersion>
+  </IfModule>
+
+  <IfModule !version_module>
+    Require all granted
+  </IfModule>
+</Limit>
+
+<LimitExcept GET POST PUT DELETE OPTIONS>
+  <IfModule version_module>
+    <IfVersion >= 2.4>
+       Require all denied
+    </IfVersion>
+    <IfVersion < 2.4>
+       Allow from none
+       Deny from all
+    </IfVersion>
+  </IfModule>
+
+  <IfModule !version_module>
+    Require all denied
+  </IfModule>
+</LimitExcept>