From f2bb8818ecf7c1a571b837426f789eda9f1c2059 Mon Sep 17 00:00:00 2001
From: catch <catch@35733.no-reply.drupal.org>
Date: Sun, 14 Apr 2024 08:26:06 +0100
Subject: [PATCH] Issue #3437335 by fromme, catch: Remove web.config from 11.x
---
composer.lock | 3 +-
composer/Plugin/Scaffold/README.md | 1 -
.../Plugin/VendorHardening/FileSecurity.php | 33 -------
composer/Plugin/VendorHardening/README.txt | 6 +-
.../VendorHardening/VendorHardeningPlugin.php | 7 +-
core/assets/scaffold/files/robots.txt | 1 -
core/assets/scaffold/files/web.config | 91 -------------------
core/composer.json | 1 -
.../Component/FileSecurity/FileSecurity.php | 33 -------
.../tests/fixtures/HtaccessTest/web.config | 0
.../src/Functional/System/HtaccessTest.php | 1 -
.../FileSecurity/FileSecurityTest.php | 32 -------
.../Functional/ManageGitIgnoreTest.php | 2 -
.../Scaffold/Functional/ScaffoldTest.php | 1 -
.../Plugin/Scaffold/fixtures/README.md | 1 -
.../drupal-assets-fixture/assets/web.config | 2 -
.../drupal-assets-fixture/composer.json | 3 +-
.../VendorHardeningPluginTest.php | 2 -
.../Drupal/Tests/ComposerIntegrationTest.php | 1 -
robots.txt | 1 -
web.config | 91 -------------------
21 files changed, 7 insertions(+), 306 deletions(-)
delete mode 100644 core/assets/scaffold/files/web.config
delete mode 100644 core/modules/system/tests/fixtures/HtaccessTest/web.config
delete mode 100644 core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/assets/web.config
delete mode 100644 web.config
diff --git a/composer.lock b/composer.lock
index c8b96b123b5c..46585c3f980b 100644
--- a/composer.lock
+++ b/composer.lock
@@ -495,7 +495,7 @@
"dist": {
"type": "path",
"url": "core",
- "reference": "1271fe53d733e84423b9a824ad5ca7b145db096d"
+ "reference": "c02a5aeb8449c7bf2c4a4f5bcf2898ea97e8e923"
},
"require": {
"asm89/stack-cors": "^2.1",
@@ -592,7 +592,6 @@
"[web-root]/README.md": "assets/scaffold/files/drupal.README.md",
"[web-root]/robots.txt": "assets/scaffold/files/robots.txt",
"[web-root]/update.php": "assets/scaffold/files/update.php",
- "[web-root]/web.config": "assets/scaffold/files/web.config",
"[web-root]/sites/README.txt": "assets/scaffold/files/sites.README.txt",
"[web-root]/sites/development.services.yml": "assets/scaffold/files/development.services.yml",
"[web-root]/sites/example.settings.local.php": "assets/scaffold/files/example.settings.local.php",
diff --git a/composer/Plugin/Scaffold/README.md b/composer/Plugin/Scaffold/README.md
index b2c89da1e1b0..1b95e33cc5d7 100644
--- a/composer/Plugin/Scaffold/README.md
+++ b/composer/Plugin/Scaffold/README.md
@@ -450,7 +450,6 @@ Sample composer.json for composer-scaffold files in drupal/assets:
"[web-root]/index.php": "assets/index.php",
"[web-root]/robots.txt": "assets/robots.txt",
"[web-root]/update.php": "assets/update.php",
- "[web-root]/web.config": "assets/web.config"
}
}
}
diff --git a/composer/Plugin/VendorHardening/FileSecurity.php b/composer/Plugin/VendorHardening/FileSecurity.php
index cea0685fb358..3424c5617e2b 100644
--- a/composer/Plugin/VendorHardening/FileSecurity.php
+++ b/composer/Plugin/VendorHardening/FileSecurity.php
@@ -100,39 +100,6 @@ protected static function denyPublicAccess() {
EOF;
}
- /**
- * Writes a web.config file in the given directory, if it doesn't exist.
- *
- * @param string $directory
- * The directory.
- * @param bool $force
- * (optional) Set to TRUE to force overwrite an existing file.
- *
- * @return bool
- * TRUE if the file already exists or was created. FALSE otherwise.
- */
- public static function writeWebConfig($directory, $force = FALSE) {
- return self::writeFile($directory, 'web.config', self::webConfigLines(), $force);
- }
-
- /**
- * Returns the standard web.config lines for security.
- *
- * @return string
- * The contents of the web.config file.
- */
- public static function webConfigLines() {
- return <<<EOT
-<configuration>
- <system.webServer>
- <authorization>
- <deny users="*">
- </authorization>
- </system.webServer>
-</configuration>
-EOT;
- }
-
/**
* Writes the contents to the file in the given directory.
*
diff --git a/composer/Plugin/VendorHardening/README.txt b/composer/Plugin/VendorHardening/README.txt
index 40060dc528ec..2a426f715eeb 100644
--- a/composer/Plugin/VendorHardening/README.txt
+++ b/composer/Plugin/VendorHardening/README.txt
@@ -35,9 +35,9 @@ This plugin can also clean up packages that were installed outside of the
vendor directory, using composer/installers. This allows users to configure the
plugin to clean up, for instance, Drupal extensions and Drupal core.
-2) The plugin also adds .htaccess and web.config files to the root of the
-project's vendor directory. These files will perform due diligence to keep the
-web server from serving files from within the vendor directory.
+2) The plugin also adds .htaccess file to the root of the
+project's vendor directory. The file will perform due diligence to keep the
+web server from serving file from within the vendor directory.
How do I set it up?
-------------------
diff --git a/composer/Plugin/VendorHardening/VendorHardeningPlugin.php b/composer/Plugin/VendorHardening/VendorHardeningPlugin.php
index a7815c5db738..133640cc4be8 100644
--- a/composer/Plugin/VendorHardening/VendorHardeningPlugin.php
+++ b/composer/Plugin/VendorHardening/VendorHardeningPlugin.php
@@ -370,18 +370,15 @@ protected function cleanPathsForPackage(PackageInterface $package, $paths_for_pa
}
/**
- * Place .htaccess and web.config files into the vendor directory.
+ * Place .htaccess file into the vendor directory.
*
* @param string $vendor_dir
* Path to vendor directory.
*/
public function writeAccessRestrictionFiles(string $vendor_dir): void {
- $this->io->writeError('<info>Hardening vendor directory with .htaccess and web.config files.</info>');
+ $this->io->writeError('<info>Hardening vendor directory with .htaccess file.</info>');
// Prevent access to vendor directory on Apache servers.
FileSecurity::writeHtaccess($vendor_dir, TRUE);
-
- // Prevent access to vendor directory on IIS servers.
- FileSecurity::writeWebConfig($vendor_dir);
}
}
diff --git a/core/assets/scaffold/files/robots.txt b/core/assets/scaffold/files/robots.txt
index 3ad8e2e8dec0..a1e1d34317cb 100644
--- a/core/assets/scaffold/files/robots.txt
+++ b/core/assets/scaffold/files/robots.txt
@@ -46,7 +46,6 @@ Disallow: /composer/Template/README.txt
Disallow: /modules/README.txt
Disallow: /sites/README.txt
Disallow: /themes/README.txt
-Disallow: /web.config
# Paths (clean URLs)
Disallow: /admin/
Disallow: /comment/reply/
diff --git a/core/assets/scaffold/files/web.config b/core/assets/scaffold/files/web.config
deleted file mode 100644
index b769e45e3699..000000000000
--- a/core/assets/scaffold/files/web.config
+++ /dev/null
@@ -1,91 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
- <system.webServer>
- <!-- Don't show directory listings for URLs which map to a directory. -->
- <directoryBrowse enabled="false" />
-
- <!--
- Caching configuration was not delegated by default. Some hosters may not
- delegate the caching configuration to site owners by default and that
- may cause errors when users install. Uncomment this if you want to and
- are allowed to enable caching.
- -->
- <!--
- <caching>
- <profiles>
- <add extension=".php" policy="DisableCache" kernelCachePolicy="DisableCache" />
- <add extension=".html" policy="CacheForTimePeriod" kernelCachePolicy="CacheForTimePeriod" duration="14:00:00" />
- </profiles>
- </caching>
- -->
-
- <rewrite>
- <rules>
- <rule name="Protect files and directories from prying eyes" stopProcessing="true">
- <match url="\.(engine|inc|install|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format|composer\.(json|lock)|\.htaccess|yarn.lock|package.json)$" />
- <action type="CustomResponse" statusCode="403" subStatusCode="0" statusReason="Forbidden" statusDescription="Access is forbidden." />
- </rule>
-
- <rule name="Force simple error message for requests for non-existent favicon.ico" stopProcessing="true">
- <match url="favicon\.ico" />
- <action type="CustomResponse" statusCode="404" subStatusCode="1" statusReason="File Not Found" statusDescription="The requested file favicon.ico was not found" />
- <conditions>
- <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
- </conditions>
- </rule>
- <!-- To redirect all users to access the site WITH the 'www.' prefix,
- http://example.com/foo will be redirected to http://www.example.com/foo)
- adapt and uncomment the following: -->
- <!--
- <rule name="Redirect to add www" stopProcessing="true">
- <match url="^(.*)$" ignoreCase="false" />
- <conditions>
- <add input="{HTTP_HOST}" pattern="^example\.com$" />
- </conditions>
- <action type="Redirect" redirectType="Permanent" url="http://www.example.com/{R:1}" />
- </rule>
- -->
-
- <!-- To redirect all users to access the site WITHOUT the 'www.' prefix,
- http://www.example.com/foo will be redirected to http://example.com/foo)
- adapt and uncomment the following: -->
- <!--
- <rule name="Redirect to remove www" stopProcessing="true">
- <match url="^(.*)$" ignoreCase="false" />
- <conditions>
- <add input="{HTTP_HOST}" pattern="^www\.example\.com$" />
- </conditions>
- <action type="Redirect" redirectType="Permanent" url="http://example.com/{R:1}" />
- </rule>
- -->
-
- <!-- Pass all requests not referring directly to files in the filesystem
- to index.php. -->
- <rule name="Short URLS" stopProcessing="true">
- <match url="^(.*)$" ignoreCase="false" />
- <conditions>
- <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
- <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
- <add input="{URL}" pattern="^/favicon.ico$" ignoreCase="false" negate="true" />
- </conditions>
- <action type="Rewrite" url="index.php" />
- </rule>
- </rules>
- </rewrite>
-
- <!-- If running Windows Server 2008 R2 this can be commented out -->
- <!-- httpErrors>
- <remove statusCode="404" subStatusCode="-1" />
- <error statusCode="404" prefixLanguageFilePath="" path="/index.php" responseMode="ExecuteURL" />
- </httpErrors -->
-
- <defaultDocument>
- <!-- Set the default document -->
- <files>
- <clear />
- <add value="index.php" />
- </files>
- </defaultDocument>
-
- </system.webServer>
-</configuration>
diff --git a/core/composer.json b/core/composer.json
index 69ef592a9a23..2cc63e3466b8 100644
--- a/core/composer.json
+++ b/core/composer.json
@@ -135,7 +135,6 @@
"[web-root]/README.md": "assets/scaffold/files/drupal.README.md",
"[web-root]/robots.txt": "assets/scaffold/files/robots.txt",
"[web-root]/update.php": "assets/scaffold/files/update.php",
- "[web-root]/web.config": "assets/scaffold/files/web.config",
"[web-root]/sites/README.txt": "assets/scaffold/files/sites.README.txt",
"[web-root]/sites/development.services.yml": "assets/scaffold/files/development.services.yml",
"[web-root]/sites/example.settings.local.php": "assets/scaffold/files/example.settings.local.php",
diff --git a/core/lib/Drupal/Component/FileSecurity/FileSecurity.php b/core/lib/Drupal/Component/FileSecurity/FileSecurity.php
index c21937a8de4f..742080e3f69c 100644
--- a/core/lib/Drupal/Component/FileSecurity/FileSecurity.php
+++ b/core/lib/Drupal/Component/FileSecurity/FileSecurity.php
@@ -98,39 +98,6 @@ protected static function denyPublicAccess() {
EOF;
}
- /**
- * Writes a web.config file in the given directory, if it doesn't exist.
- *
- * @param string $directory
- * The directory.
- * @param bool $force
- * (optional) Set to TRUE to force overwrite an existing file.
- *
- * @return bool
- * TRUE if the file already exists or was created. FALSE otherwise.
- */
- public static function writeWebConfig($directory, $force = FALSE) {
- return self::writeFile($directory, 'web.config', self::webConfigLines(), $force);
- }
-
- /**
- * Returns the standard web.config lines for security.
- *
- * @return string
- * The contents of the web.config file.
- */
- public static function webConfigLines() {
- return <<<EOT
-<configuration>
- <system.webServer>
- <authorization>
- <deny users="*">
- </authorization>
- </system.webServer>
-</configuration>
-EOT;
- }
-
/**
* Writes the contents to the file in the given directory.
*
diff --git a/core/modules/system/tests/fixtures/HtaccessTest/web.config b/core/modules/system/tests/fixtures/HtaccessTest/web.config
deleted file mode 100644
index e69de29bb2d1..000000000000
diff --git a/core/modules/system/tests/src/Functional/System/HtaccessTest.php b/core/modules/system/tests/src/Functional/System/HtaccessTest.php
index 5fa346808620..81fe8e15f5de 100644
--- a/core/modules/system/tests/src/Functional/System/HtaccessTest.php
+++ b/core/modules/system/tests/src/Functional/System/HtaccessTest.php
@@ -99,7 +99,6 @@ protected function getProtectedFiles() {
// Ensure web server configuration files cannot be accessed.
$file_paths["$path/.htaccess"] = 403;
- $file_paths["$path/web.config"] = 403;
return $file_paths;
}
diff --git a/core/tests/Drupal/Tests/Component/FileSecurity/FileSecurityTest.php b/core/tests/Drupal/Tests/Component/FileSecurity/FileSecurityTest.php
index 8b1cd24194fc..add09e6613ca 100644
--- a/core/tests/Drupal/Tests/Component/FileSecurity/FileSecurityTest.php
+++ b/core/tests/Drupal/Tests/Component/FileSecurity/FileSecurityTest.php
@@ -63,36 +63,4 @@ public function testWriteHtaccessFailure() {
$this->assertFalse(FileSecurity::writeHtaccess(vfsStream::url('root') . '/foo'));
}
- /**
- * @covers ::writeWebConfig
- */
- public function testWriteWebConfig() {
- vfsStream::setup('root');
- $this->assertTrue(FileSecurity::writeWebConfig(vfsStream::url('root')));
- $web_config_file = vfsStream::url('root') . '/web.config';
- $this->assertFileExists($web_config_file);
- $this->assertEquals('0444', substr(sprintf('%o', fileperms($web_config_file)), -4));
- }
-
- /**
- * @covers ::writeWebConfig
- */
- public function testWriteWebConfigForceOverwrite() {
- vfsStream::setup('root');
- $web_config_file = vfsStream::url('root') . '/web.config';
- file_put_contents($web_config_file, "foo");
- $this->assertTrue(FileSecurity::writeWebConfig(vfsStream::url('root'), TRUE));
- $this->assertFileExists($web_config_file);
- $this->assertEquals('0444', substr(sprintf('%o', fileperms($web_config_file)), -4));
- $this->assertStringNotContainsString("foo", $web_config_file);
- }
-
- /**
- * @covers ::writeWebConfig
- */
- public function testWriteWebConfigFailure() {
- vfsStream::setup('root');
- $this->assertFalse(FileSecurity::writeWebConfig(vfsStream::url('root') . '/foo'));
- }
-
}
diff --git a/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/Functional/ManageGitIgnoreTest.php b/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/Functional/ManageGitIgnoreTest.php
index 1996bc9ae42e..3bea63641f30 100644
--- a/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/Functional/ManageGitIgnoreTest.php
+++ b/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/Functional/ManageGitIgnoreTest.php
@@ -127,7 +127,6 @@ public function testManageGitIgnore() {
/index.php
/robots.txt
/update.php
-/web.config
EOT;
// At this point we should have a .gitignore file, because although we did
// not explicitly ask for .gitignore tracking, the vendor directory is not
@@ -242,7 +241,6 @@ public function testUnmanagedGitIgnoreWhenGitNotAvailable() {
- Copy [web-root]/index.php from assets/index.php
- Skip [web-root]/robots.txt: overridden in fixtures/drupal-composer-drupal-project
- Copy [web-root]/update.php from assets/update.php
- - Copy [web-root]/web.config from assets/web.config
Scaffolding files for fixtures/scaffold-override-fixture:
- Copy [web-root]/sites/default/default.settings.php from assets/override-settings.php
Scaffolding files for fixtures/drupal-composer-drupal-project:
diff --git a/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/Functional/ScaffoldTest.php b/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/Functional/ScaffoldTest.php
index 2da31c9ea94f..e5127780cb70 100644
--- a/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/Functional/ScaffoldTest.php
+++ b/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/Functional/ScaffoldTest.php
@@ -408,7 +408,6 @@ protected function assertCommonDrupalAssetsWereScaffolded(string $docroot, bool
$this->assertScaffoldedFile($docroot . '/sites/example.sites.php', $is_link, 'Test version of example.sites.php from drupal/core.');
$this->assertScaffoldedFile($docroot . '/index.php', $is_link, 'Test version of index.php from drupal/core.');
$this->assertScaffoldedFile($docroot . '/update.php', $is_link, 'Test version of update.php from drupal/core.');
- $this->assertScaffoldedFile($docroot . '/web.config', $is_link, 'Test version of web.config from drupal/core.');
}
/**
diff --git a/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/README.md b/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/README.md
index 442317ac3447..6ac31020bbdb 100644
--- a/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/README.md
+++ b/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/README.md
@@ -30,7 +30,6 @@ Scaffolding files for fixtures/drupal-assets-fixture:
- Link [web-root]/index.php from assets/index.php
- Skip [web-root]/robots.txt: overridden in my/project
- Link [web-root]/update.php from assets/update.php
- - Link [web-root]/web.config from assets/web.config
Scaffolding files for fixtures/scaffold-override-fixture:
- Link [web-root]/sites/default/default.settings.php from assets/override-settings.php
Scaffolding files for my/project:
diff --git a/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/assets/web.config b/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/assets/web.config
deleted file mode 100644
index f3344d0a2032..000000000000
--- a/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/assets/web.config
+++ /dev/null
@@ -1,2 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Test version of web.config from drupal/core. -->
diff --git a/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/composer.json b/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/composer.json
index 484f6be0e3b0..2fdefb0ce71d 100644
--- a/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/composer.json
+++ b/core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/composer.json
@@ -16,8 +16,7 @@
"[web-root]/sites/example.sites.php": "assets/example.sites.php",
"[web-root]/index.php": "assets/index.php",
"[web-root]/robots.txt": "assets/robots.txt",
- "[web-root]/update.php": "assets/update.php",
- "[web-root]/web.config": "assets/web.config"
+ "[web-root]/update.php": "assets/update.php"
}
}
}
diff --git a/core/tests/Drupal/Tests/Composer/Plugin/VendorHardening/VendorHardeningPluginTest.php b/core/tests/Drupal/Tests/Composer/Plugin/VendorHardening/VendorHardeningPluginTest.php
index e21b303d7db4..1382235f7772 100644
--- a/core/tests/Drupal/Tests/Composer/Plugin/VendorHardening/VendorHardeningPluginTest.php
+++ b/core/tests/Drupal/Tests/Composer/Plugin/VendorHardening/VendorHardeningPluginTest.php
@@ -166,12 +166,10 @@ public function testWriteAccessRestrictionFiles() {
$this->assertDirectoryExists($dir);
$this->assertFileDoesNotExist($dir . '/.htaccess');
- $this->assertFileDoesNotExist($dir . '/web.config');
$plugin->writeAccessRestrictionFiles($dir);
$this->assertFileExists($dir . '/.htaccess');
- $this->assertFileExists($dir . '/web.config');
}
public static function providerFindBinOverlap() {
diff --git a/core/tests/Drupal/Tests/ComposerIntegrationTest.php b/core/tests/Drupal/Tests/ComposerIntegrationTest.php
index 6f9fa84b634a..3ea8d0ba8e68 100644
--- a/core/tests/Drupal/Tests/ComposerIntegrationTest.php
+++ b/core/tests/Drupal/Tests/ComposerIntegrationTest.php
@@ -150,7 +150,6 @@ public static function providerTestExpectedScaffoldFiles() {
['README.md', 'assets/scaffold/files/drupal.README.md'],
['robots.txt', 'assets/scaffold/files/robots.txt'],
['update.php', 'assets/scaffold/files/update.php'],
- ['web.config', 'assets/scaffold/files/web.config'],
['sites/README.txt', 'assets/scaffold/files/sites.README.txt'],
['sites/development.services.yml', 'assets/scaffold/files/development.services.yml'],
['sites/example.settings.local.php', 'assets/scaffold/files/example.settings.local.php'],
diff --git a/robots.txt b/robots.txt
index 3ad8e2e8dec0..a1e1d34317cb 100644
--- a/robots.txt
+++ b/robots.txt
@@ -46,7 +46,6 @@ Disallow: /composer/Template/README.txt
Disallow: /modules/README.txt
Disallow: /sites/README.txt
Disallow: /themes/README.txt
-Disallow: /web.config
# Paths (clean URLs)
Disallow: /admin/
Disallow: /comment/reply/
diff --git a/web.config b/web.config
deleted file mode 100644
index b769e45e3699..000000000000
--- a/web.config
+++ /dev/null
@@ -1,91 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
- <system.webServer>
- <!-- Don't show directory listings for URLs which map to a directory. -->
- <directoryBrowse enabled="false" />
-
- <!--
- Caching configuration was not delegated by default. Some hosters may not
- delegate the caching configuration to site owners by default and that
- may cause errors when users install. Uncomment this if you want to and
- are allowed to enable caching.
- -->
- <!--
- <caching>
- <profiles>
- <add extension=".php" policy="DisableCache" kernelCachePolicy="DisableCache" />
- <add extension=".html" policy="CacheForTimePeriod" kernelCachePolicy="CacheForTimePeriod" duration="14:00:00" />
- </profiles>
- </caching>
- -->
-
- <rewrite>
- <rules>
- <rule name="Protect files and directories from prying eyes" stopProcessing="true">
- <match url="\.(engine|inc|install|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format|composer\.(json|lock)|\.htaccess|yarn.lock|package.json)$" />
- <action type="CustomResponse" statusCode="403" subStatusCode="0" statusReason="Forbidden" statusDescription="Access is forbidden." />
- </rule>
-
- <rule name="Force simple error message for requests for non-existent favicon.ico" stopProcessing="true">
- <match url="favicon\.ico" />
- <action type="CustomResponse" statusCode="404" subStatusCode="1" statusReason="File Not Found" statusDescription="The requested file favicon.ico was not found" />
- <conditions>
- <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
- </conditions>
- </rule>
- <!-- To redirect all users to access the site WITH the 'www.' prefix,
- http://example.com/foo will be redirected to http://www.example.com/foo)
- adapt and uncomment the following: -->
- <!--
- <rule name="Redirect to add www" stopProcessing="true">
- <match url="^(.*)$" ignoreCase="false" />
- <conditions>
- <add input="{HTTP_HOST}" pattern="^example\.com$" />
- </conditions>
- <action type="Redirect" redirectType="Permanent" url="http://www.example.com/{R:1}" />
- </rule>
- -->
-
- <!-- To redirect all users to access the site WITHOUT the 'www.' prefix,
- http://www.example.com/foo will be redirected to http://example.com/foo)
- adapt and uncomment the following: -->
- <!--
- <rule name="Redirect to remove www" stopProcessing="true">
- <match url="^(.*)$" ignoreCase="false" />
- <conditions>
- <add input="{HTTP_HOST}" pattern="^www\.example\.com$" />
- </conditions>
- <action type="Redirect" redirectType="Permanent" url="http://example.com/{R:1}" />
- </rule>
- -->
-
- <!-- Pass all requests not referring directly to files in the filesystem
- to index.php. -->
- <rule name="Short URLS" stopProcessing="true">
- <match url="^(.*)$" ignoreCase="false" />
- <conditions>
- <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
- <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
- <add input="{URL}" pattern="^/favicon.ico$" ignoreCase="false" negate="true" />
- </conditions>
- <action type="Rewrite" url="index.php" />
- </rule>
- </rules>
- </rewrite>
-
- <!-- If running Windows Server 2008 R2 this can be commented out -->
- <!-- httpErrors>
- <remove statusCode="404" subStatusCode="-1" />
- <error statusCode="404" prefixLanguageFilePath="" path="/index.php" responseMode="ExecuteURL" />
- </httpErrors -->
-
- <defaultDocument>
- <!-- Set the default document -->
- <files>
- <clear />
- <add value="index.php" />
- </files>
- </defaultDocument>
-
- </system.webServer>
-</configuration>
--
GitLab