Skip to content

Commit 60a64a2

Browse files
author
ncomputers.org
committed
webdav improved
1 parent df3a2c0 commit 60a64a2

File tree

2 files changed

+35
-65
lines changed

2 files changed

+35
-65
lines changed

server/conf/vhost.conf.master

Lines changed: 13 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -482,23 +482,20 @@
482482
AssignUserId <tmpl_var name='system_user'> <tmpl_var name='system_group'>
483483
</IfModule>
484484

485-
<IfModule mod_dav_fs.c>
486-
# Do not execute PHP files in webdav directory
487-
<Directory {tmpl_var name='document_root'}/webdav>
488-
<ifModule mod_security2.c>
489-
SecRuleRemoveById 960015
490-
SecRuleRemoveById 960032
491-
</ifModule>
492-
<FilesMatch "\.ph(p3?|tml)$">
493-
SetHandler None
494-
</FilesMatch>
495-
</Directory>
496-
DavLockDB {tmpl_var name='document_root'}/tmp/DavLock
497-
# DO NOT REMOVE THE COMMENTS!
498-
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
499-
# WEBDAV BEGIN
500-
# WEBDAV END
485+
<IfModule mod_dav_fs.c>
486+
<Location /webdav>
487+
<IfModule mod_security2.c>
488+
SecRuleRemoveById 960015
489+
SecRuleRemoveById 960032
501490
</IfModule>
491+
DirectoryIndex disabled
492+
SetHandler None
493+
</Location>
494+
DavLockDB {tmpl_var name='document_root'}/tmp/DavLock
495+
# needed by apache2_plugin.inc.php
496+
# WEBDAV BEGIN
497+
# WEBDAV END
498+
</IfModule>
502499

503500
<tmpl_var name='apache_directives'>
504501
<tmpl_hook name='apache2_vhost:vhost_footer'>

server/plugins-available/apache2_plugin.inc.php

Lines changed: 22 additions & 49 deletions
Original file line numberDiff line numberDiff line change
@@ -2878,76 +2878,49 @@ private function _patchVhostWebdav($fileName, $webdavRoot) {
28782878
$in = fopen($fileName, 'r');
28792879
$output = '';
28802880
$inWebdavSection = false;
2881-
2882-
/*
2883-
* read line by line and search for the username and authname
2884-
*/
2881+
//* read line by line and search for the username and authname
28852882
while ($line = fgets($in)) {
2886-
/*
2887-
* is the "replace-comment" found...
2888-
*/
2883+
//* is the "replace-comment" found...
28892884
if (trim($line) == '# WEBDAV BEGIN') {
2890-
/*
2891-
* The begin of the webdav - section is found, so ignore all lines til the end is found
2892-
*/
2885+
//* The begin of the webdav - section is found, so ignore all lines til the end is found
28932886
$inWebdavSection = true;
2894-
2895-
$output .= " # WEBDAV BEGIN\n";
2896-
2897-
/*
2898-
* add all the webdav-dirs to the webdav-section
2899-
*/
2887+
$output .= "# WEBDAV BEGIN\n";
2888+
//* add all the webdav-dirs to the webdav-section
29002889
$files = @scandir($webdavRoot);
29012890
if(is_array($files)) {
29022891
foreach($files as $file) {
29032892
if (substr($file, strlen($file) - strlen('.htdigest')) == '.htdigest' && preg_match("/^[a-zA-Z0-9\-_\.]*$/", $file)) {
2904-
/*
2905-
* found a htdigest - file, so add it to webdav
2906-
*/
2893+
//* found a htdigest - file, so add it to webdav
29072894
$fn = substr($file, 0, strlen($file) - strlen('.htdigest'));
2908-
$output .= "\n";
2909-
// $output .= " Alias /" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n";
2910-
// $output .= " <Location /" . $fn . ">\n";
2911-
$output .= " Alias /webdav/" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n";
2912-
$output .= " <Location /webdav/" . $fn . ">\n";
2913-
$output .= " DAV On\n";
2914-
$output .= ' BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On'."\n";
2915-
$output .= " AuthType Digest\n";
2916-
$output .= " AuthName \"" . $fn . "\"\n";
2917-
$output .= " AuthUserFile " . $webdavRoot . '/' . $file . "\n";
2918-
$output .= " Require valid-user \n";
2919-
$output .= " Options +Indexes \n";
2920-
$output .= " Order allow,deny \n";
2921-
$output .= " Allow from all \n";
2922-
$output .= " </Location> \n";
2895+
$output .= "Alias /webdav/$fn $webdavRoot/$fn\n";
2896+
$output .= "<Location /webdav/$fn>\n";
2897+
$output .= "Dav On\n";
2898+
$output .= "BrowserMatch MSIE AuthDigestEnableQueryStringHack=On\n";
2899+
$output .= "AuthType Digest\n";
2900+
$output .= "AuthName \"$fn\"\n";
2901+
$output .= "AuthUserFile $webdavRoot/$file\n";
2902+
$output .= "Require valid-user\n";
2903+
$output .= "Options +Indexes\n";
2904+
if($app->system->getapacheversion()<=2.2)
2905+
$output .= "Order allow,deny\nAllow from all\n";
2906+
$output .= "</Location>\n";
29232907
}
29242908
}
29252909
}
29262910
}
2927-
/*
2928-
* is the "replace-comment-end" found...
2929-
*/
2911+
//* is the "replace-comment-end" found...
29302912
if (trim($line) == '# WEBDAV END') {
2931-
/*
2932-
* The end of the webdav - section is found, so stop ignoring
2933-
*/
2913+
//* The end of the webdav - section is found, so stop ignoring
29342914
$inWebdavSection = false;
29352915
}
2936-
2937-
/*
2938-
* Write the line to the output, if it is not in the section
2939-
*/
2916+
//* Write the line to the output, if it is not in the section
29402917
if (!$inWebdavSection) {
29412918
$output .= $line;
29422919
}
29432920
}
29442921
fclose($in);
2945-
2946-
/*
2947-
* Now lets write the new file
2948-
*/
2922+
//* Now lets write the new file
29492923
$app->system->file_put_contents($fileName, $output);
2950-
29512924
}
29522925

29532926
//* Update the awstats configuration file

0 commit comments

Comments
 (0)