From 77af69069979b46f2b5df736df3671d48a6a125a Mon Sep 17 00:00:00 2001
From: Alex Pott <alex.a.pott@googlemail.com>
Date: Sat, 16 Dec 2023 17:05:43 +0000
Subject: [PATCH] Revert "Issue #2463967 by Darren Oh, tunic, andypost, alexpott, quietone, mstrelan, longwave: Add PHP settings to .user.ini"

This reverts commit de1a11ea785eeb76717187c87e044ccc93022bd5.
---
 .htaccess | 11 ++++-------
 .user.ini | 10 ----------
 composer.lock | 3 +--
 core/assets/scaffold/files/htaccess | 11 ++++-------
 core/assets/scaffold/files/user.ini | 10 ----------
 core/assets/scaffold/files/web.config | 2 +-
 core/composer.json | 1 -
 .../system/tests/fixtures/HtaccessTest/.user.ini | 0
 .../tests/src/Functional/System/HtaccessTest.php | 1 -
 web.config | 2 +-
 10 files changed, 11 insertions(+), 40 deletions(-)
 delete mode 100644 .user.ini
 delete mode 100644 core/assets/scaffold/files/user.ini
 delete mode 100644 core/modules/system/tests/fixtures/HtaccessTest/.user.ini

diff --git a/.htaccess b/.htaccess
index b0b55d586499..4031da475cfb 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1,9 +1,9 @@
 #
-# Apache/mod_php/Drupal settings:
+# Apache/PHP/Drupal settings:
 #
 # Protect files and directories from prying eyes.
-<FilesMatch "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config|yarn\.lock|package\.json|\.user\.ini)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$">
+<FilesMatch "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config|yarn\.lock|package\.json)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$">
 <IfModule mod_authz_core.c>
 Require all denied
 </IfModule>
@@ -24,11 +24,8 @@ AddEncoding gzip svgz
 # Most of the following PHP settings cannot be changed at runtime. See
 # sites/default/default.settings.php and
-# Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be changed
-# at runtime.
-#
-# PHP only reads settings from this file if it is running as an Apache module.
-# If PHP is running as a CGI script, see .user.ini.
+# Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be
+# changed at runtime.
 <IfModule mod_php.c>
 php_value assert.active 0
 </IfModule>
diff --git a/.user.ini b/.user.ini
deleted file mode 100644
index 95d89560ff10..000000000000
--- a/.user.ini
+++ /dev/null
@@ -1,10 +0,0 @@
-; Most of the following PHP settings cannot be changed at runtime. See
-; sites/default/default.settings.php and
-; Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be changed
-; at runtime.
-;
-; PHP only reads settings from this file if it is running as a CGI script. If
-; PHP is running as an Apache module, see .htaccess.
-
-; Disable PHP assertions.
-assert.active = 0
diff --git a/composer.lock b/composer.lock
index e239adab8e9d..ccd477eac316 100644
--- a/composer.lock
+++ b/composer.lock
@@ -495,7 +495,7 @@
 "dist": {
 "type": "path",
 "url": "core",
- "reference": "436f1c4b149b110c60db014909edf6ff2e6fc9f9"
+ "reference": "cc2af7de02a19bfde449293a84468f5fb1e33cea"
 },
 "require": {
 "asm89/stack-cors": "^2.1",
@@ -585,7 +585,6 @@
 "[web-root]/.eslintrc.json": "assets/scaffold/files/eslintrc.json",
 "[web-root]/.ht.router.php": "assets/scaffold/files/ht.router.php",
 "[web-root]/.htaccess": "assets/scaffold/files/htaccess",
- "[web-root]/.user.ini": "assets/scaffold/files/user.ini",
 "[web-root]/example.gitignore": "assets/scaffold/files/example.gitignore",
 "[web-root]/index.php": "assets/scaffold/files/index.php",
 "[web-root]/INSTALL.txt": "assets/scaffold/files/drupal.INSTALL.txt",
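Review bot: The rewritten comment above `<IfModule mod_php.c>` in the second .htaccess hunk no longer says that these `php_value` lines take effect only when PHP runs as an Apache module, and that sentence stays true without .user.ini. Under CGI or FPM the block is skipped, so `assert.active 0` is presumably left to php.ini, and an administrator reading the file gets no hint of that. I would keep `# PHP only reads settings from this file if it is running as an Apache module.` and drop only the pointer to .user.ini. The identical second hunk in core/assets/scaffold/files/htaccess has the same gap.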
diff --git a/core/assets/scaffold/files/htaccess b/core/assets/scaffold/files/htaccess
index b0b55d586499..4031da475cfb 100644
--- a/core/assets/scaffold/files/htaccess
+++ b/core/assets/scaffold/files/htaccess
@@ -1,9 +1,9 @@
 #
-# Apache/mod_php/Drupal settings:
+# Apache/PHP/Drupal settings:
 #
 # Protect files and directories from prying eyes.
-<FilesMatch "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config|yarn\.lock|package\.json|\.user\.ini)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$">
+<FilesMatch "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config|yarn\.lock|package\.json)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$">
 <IfModule mod_authz_core.c>
 Require all denied
 </IfModule>
@@ -24,11 +24,8 @@ AddEncoding gzip svgz
 # Most of the following PHP settings cannot be changed at runtime. See
 # sites/default/default.settings.php and
-# Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be changed
-# at runtime.
-#
-# PHP only reads settings from this file if it is running as an Apache module.
-# If PHP is running as a CGI script, see .user.ini.
+# Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be
+# changed at runtime.
 <IfModule mod_php.c>
 php_value assert.active 0
 </IfModule>
diff --git a/core/assets/scaffold/files/user.ini b/core/assets/scaffold/files/user.ini
deleted file mode 100644
index 95d89560ff10..000000000000
--- a/core/assets/scaffold/files/user.ini
+++ /dev/null
@@ -1,10 +0,0 @@
-; Most of the following PHP settings cannot be changed at runtime. See
-; sites/default/default.settings.php and
-; Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be changed
-; at runtime.
-;
-; PHP only reads settings from this file if it is running as a CGI script. If
-; PHP is running as an Apache module, see .htaccess.
-
-; Disable PHP assertions.
-assert.active = 0
diff --git a/core/assets/scaffold/files/web.config b/core/assets/scaffold/files/web.config
index 408b16d96fa6..b769e45e3699 100644
--- a/core/assets/scaffold/files/web.config
+++ b/core/assets/scaffold/files/web.config
@@ -22,7 +22,7 @@
 <rewrite>
 <rules>
 <rule name="Protect files and directories from prying eyes" stopProcessing="true">
- <match url="\.(engine|inc|install|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format|composer\.(json|lock)|\.htaccess|yarn.lock|package.json|.user.ini)$" />
+ <match url="\.(engine|inc|install|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format|composer\.(json|lock)|\.htaccess|yarn.lock|package.json)$" />
 <action type="CustomResponse" statusCode="403" subStatusCode="0" statusReason="Forbidden" statusDescription="Access is forbidden." />
 </rule>
diff --git a/core/composer.json b/core/composer.json
index 05c7c56b12db..9ae3cab9bee5 100644
--- a/core/composer.json
+++ b/core/composer.json
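Review bot: With `.user.ini` dropped from the `<match url=…>` alternation in core/assets/scaffold/files/web.config, nothing in the visible rule refuses that file name on IIS. The .htaccess pattern still covers it through its generic dotfile alternative `\.(?!well-known).*`, but this rule lists `\.htaccess` by name and has no such catch-all. A `.user.ini` left over from the reverted scaffold, or one a site owner keeps for FastCGI, would then depend on IIS settings outside this hunk to stay unreadable, and its contents describe the PHP configuration. I would keep the entry with the dots escaped, so the alternation ends `|package\.json|\.user\.ini)$`, and do the same in the root web.config hunk.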
@@ -127,7 +127,6 @@
 "[web-root]/.eslintrc.json": "assets/scaffold/files/eslintrc.json",
 "[web-root]/.ht.router.php": "assets/scaffold/files/ht.router.php",
 "[web-root]/.htaccess": "assets/scaffold/files/htaccess",
- "[web-root]/.user.ini": "assets/scaffold/files/user.ini",
 "[web-root]/example.gitignore": "assets/scaffold/files/example.gitignore",
 "[web-root]/index.php": "assets/scaffold/files/index.php",
 "[web-root]/INSTALL.txt": "assets/scaffold/files/drupal.INSTALL.txt",
diff --git a/core/modules/system/tests/fixtures/HtaccessTest/.user.ini b/core/modules/system/tests/fixtures/HtaccessTest/.user.ini
deleted file mode 100644
index e69de29bb2d1..000000000000
diff --git a/core/modules/system/tests/src/Functional/System/HtaccessTest.php b/core/modules/system/tests/src/Functional/System/HtaccessTest.php
index 2a88bf768b13..09046c446fc9 100644
--- a/core/modules/system/tests/src/Functional/System/HtaccessTest.php
+++ b/core/modules/system/tests/src/Functional/System/HtaccessTest.php
@@ -98,7 +98,6 @@ protected function getProtectedFiles() {
 // Ensure web server configuration files cannot be accessed.
 $file_paths["$path/.htaccess"] = 403;
 $file_paths["$path/web.config"] = 403;
- $file_paths["$path/.user.ini"] = 403;
 return $file_paths;
 }
diff --git a/web.config b/web.config
index 408b16d96fa6..b769e45e3699 100644
--- a/web.config
+++ b/web.config
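Review bot: Dropping `$file_paths["$path/.user.ini"] = 403;` from getProtectedFiles() in HtaccessTest.php removes the only visible check that a `.user.ini` under the web root is refused, although the reverted .htaccess still denies dotfiles through `\.(?!well-known).*`. Sites running PHP as CGI or FPM can carry their own `.user.ini`, so the 403 is worth pinning whether or not core ships the file. I would keep the assertion and the empty fixture core/modules/system/tests/fixtures/HtaccessTest/.user.ini, with a comment such as `// Dotfiles holding PHP settings must not be served.`. The function begins above this hunk, so other dotfile cases may already be listed there.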
@@ -22,7 +22,7 @@
 <rewrite>
 <rules>
 <rule name="Protect files and directories from prying eyes" stopProcessing="true">
- <match url="\.(engine|inc|install|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format|composer\.(json|lock)|\.htaccess|yarn.lock|package.json|.user.ini)$" />
+ <match url="\.(engine|inc|install|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format|composer\.(json|lock)|\.htaccess|yarn.lock|package.json)$" />
 <action type="CustomResponse" statusCode="403" subStatusCode="0" statusReason="Forbidden" statusDescription="Access is forbidden." />
 </rule>
-- 
GitLab