Add access restriction for specific xml files in plugin dirs

bcremer / shopware-with-nginx

Running shopware using NGINX

http://shopware.com

BSD 2-Clause "Simplified" License

95 stars 46 forks source link

Add access restriction for specific xml files in plugin dirs #45

Closed Pmuckel closed 5 years ago

Pmuckel commented 5 years ago

Without this change it would be possible to access e.g. the config.xml of a plugin and this would cause a security vulnerability if the config-file contains sensitive data.

bcremer commented 5 years ago

Good find. Than's for your contribution. Please see my inline comment.