Closed artus70 closed 6 years ago
The currently made (and reverted) patch "5e38189" has the problem that
new rule in commit: $this->domainPattern . ')?(\/?.+(?:' . $this->folderPattern
setting in extension configuration: typo3temp|fileadmin/uploads|intern
It would be great if the desired behaviour could be specified via regular expression, e.g. use typo3temp|fileadmin/uploads|filedmin/intern
if you only want exactly those directories included and use something like typo3temp|fileadmin\/uploads|(?:.+\/)*intern\/
if you want to include all subdirectories "intern" at any level.
However this is currently not possible, because:
.+
is escaped to \.+
) and cannot be used to enter this and other regular expressions. This actually makes sense because a wildcarding at the beginning of the string would match external domains as will so one would need to be extra careful here.
Currently only the specification of absolute folder paths is possible. I'd really like to be able to select subfolders by name, i.e. each folder called "locked" will be treated as secured folder.
This can be reached with a small change in HtmlParser.php:
So in the preferences "fileadmin" could be replaced by "locked" to make folders with that name secure.
It could then be used in combination with a corresponding Apache directive to secure those folders in general: