Menu
▾
▴
[TWiki-Dev] [SVN] KennethLavrsen r11202 - twiki/branches/DEVELOP/data/TWiki
|
From: <de...@de...> - 2006-07-27 22:57:45
|
Author: KennethLavrsen
Date: 2006-07-27 00:04:11 -0500 (Thu, 27 Jul 2006)
New Revision: 11202
Modified:
twiki/branches/DEVELOP/data/TWiki/TWikiAccessControl.txt
Log:
Item2689: Doc - Safer protection of attachments using viewfile
Modified: twiki/branches/DEVELOP/data/TWiki/TWikiAccessControl.txt
===================================================================
--- twiki/branches/DEVELOP/data/TWiki/TWikiAccessControl.txt 2006-07-27 04:55:40 UTC (rev 11201)
+++ twiki/branches/DEVELOP/data/TWiki/TWikiAccessControl.txt 2006-07-27 05:04:11 UTC (rev 11202)
@@ -125,13 +125,13 @@
The easiest way to apply the same access control rules for attachments as apply to topics is to use the Apache =mod_rewrite= module, and configure your webserver to redirect accesses to attachments to the TWiki =viewfile= script. For example,
<verbatim>
- ScriptAlias /twiki/bin/ /filesystem/path/to/twiki/bin/
- Alias /twiki/pub/ /filesystem/path/to/twiki/pub/
+ ScriptAlias /twiki/bin/ /filesystem/path/to/twiki/bin/
+ Alias /twiki/pub/ /filesystem/path/to/twiki/pub/
- RewriteEngine on
- RewriteRule ^/twiki/pub/TWiki/(.*)$ /twiki/pub/TWiki/$1 [L,PT]
- RewriteRule ^/twiki/pub/([^\/]+)/([^\/]+)/([^\/]+)$ /twiki/bin/viewfile/$1/$2?filename=$3 [L,PT]
-</verbatim>
+ RewriteEngine on
+ RewriteCond %{REQUEST_URI} !^/+twiki/+pub/+TWiki/+.+
+ RewriteRule ^/+twiki/+pub/+([^/]+)/+((([^/]+)/+)+)(.+) /twiki/bin/viewfile/$1/$4?filename=$5 [L,PT]
+</verbatim
That way all the controls that apply to the topic also apply to attachments to the topic. Other types of webserver have similar support.
|