[Pkg-php-commits] [php/debian-sid] Use FilesMatch and SetHandler on apache setups (Closes: #491928)
Raphael Geissert
geissert at debian.org
Sun Feb 7 23:17:14 UTC 2010
AddType is long-time deprecated to set a handler, but using AddHandler
allows the, usually unwanted with security implications, execution of
whatever file matching '.php'. Therefore use FilesMatch to define a
stricter execution scope.
---
debian/libapache2-mod-php5.conf | 8 ++++++--
debian/libapache2-mod-php5filter.conf | 6 ++++--
2 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/debian/libapache2-mod-php5.conf b/debian/libapache2-mod-php5.conf
index 04fc357..b114a48 100644
--- a/debian/libapache2-mod-php5.conf
+++ b/debian/libapache2-mod-php5.conf
@@ -1,4 +1,8 @@
<IfModule mod_php5.c>
- AddType application/x-httpd-php .php .phtml .php3
- AddType application/x-httpd-php-source .phps
+ <FilesMatch "\.ph(p3?|tml)$">
+ SetHandler application/x-httpd-php
+ </FilesMatch>
+ <FilesMatch "\.phps$">
+ SetHandler application/x-httpd-php-source
+ </FilesMatch>
</IfModule>
diff --git a/debian/libapache2-mod-php5filter.conf b/debian/libapache2-mod-php5filter.conf
index c15e567..6d74a75 100644
--- a/debian/libapache2-mod-php5filter.conf
+++ b/debian/libapache2-mod-php5filter.conf
@@ -1,4 +1,6 @@
<IfModule mod_php5.c>
- AddInputFilter PHP php phtml php3
- AddOutputFilter PHP php phtml php3
+ <FilesMatch "\.ph(p3?|tml)$">
+ SetInputFilter PHP
+ SetOutputFilter PHP
+ </FilesMatch>
</IfModule>
--
1.6.3.3
More information about the Pkg-php-commits
mailing list