search

xperseguers / t3ext-fal-protect

This extension protects everything within fileadmin/ based on associated file restrictions.
https://extensions.typo3.org/extension/fal_protect
GNU General Public License v2.0
11 stars 7 forks source link

RewriteRule doesn't work if TYPO3 is located in a subdirectory #39

Open tobiasschaeferptb opened 2 years ago

tobiasschaeferptb commented 2 years ago

Hi,

I can't get it to work if the TYPO3 installation is located in a subdirectory of the apache root directory. I would like to be able use fal_protect if the same file can be accessed with: https://hostname1.xz/fileadmin/test.pdf and https://hostname2.xz/abc/fileadmin/test.pdf hostname1.xzpoints to TYPO3 root directory (/srv/www/htdocs/abc) andhostname2to the apache root directory (/srv/www/htdocs`).

If I use this in /srv/www/htdocs/abc/.htaccess:

RewriteCond %{REQUEST_URI} !/fileadmin/_processed_/.*$
RewriteRule ^fileadmin/.*$ %{ENV:CWD}index.php [QSA,L]

it works for https://hostname1.xz/fileadmin/test.pdf but it doesn't work for https://hostname2.xz/abc/fileadmin/test.pdf

TYPO3 error message:

Page Not Found The page did not exist or was inaccessible. Reason: The requested page does not exist

How do I have to change the RewriteRule to make it work?

Cheers, Tobias

xperseguers commented 2 years ago

(reworked the ticket to make it readable with some new lines, some code formatting)

xperseguers commented 2 years ago

The RewriteCond should probably better be !^/fileadmin/...... in the first place, for a root installation, but for sure the RewriteRule cannot wrong for a subdirectory since it reads:

RewriteRule ^fileadmin/.*$ %{ENV:CWD}index.php [QSA,L]

The ^ stands for "beginning of the string". And if you are in a subdirectory, then obviously there will be some prefix there.

In case of having a subdirectory, you probably want to either adapt the proposed rules or make use of the RewriteBase instructions in addition. See https://stackoverflow.com/questions/11784073/apache-rewrite-rule-to-redirect-all-request-to-subdirectory-containing-another for an example.

Please comment if this works and possibly what you changed so that it works (useful for others coming to this ticket in future).

tobiasschaeferptb commented 2 years ago

The RewriteRule seems to work as it is. TYPO3 (10.4.25) throws as exception at the end of the matchRequest method in typo3/sysext/core/Classes/Routing/PageRouter.php at line 227 throw new RouteNotFoundException('No route found for path "' . $urlPath . '"', 1538389998); The $urlPath variable contains the path to the file and the filename without the subdirectory abc: fileadmin/test.pdf The request was https://hostname2.xz/abc/fileadmin/test.pdf. So I think $urlPath should be abc/fileadmin/test.pdf.

I tried to get the backtrace with debug_print_backtrace. This is what I got:

0 TYPO3\CMS\Core\Routing\PageRouter->matchRequest(TYPO3\CMS\Core\Http\ServerRequest Object

1 TYPO3\CMS\Frontend\Middleware\PageResolver->process(TYPO3\CMS\Core\Http\ServerRequest Object

2 class@anonymous->handle(TYPO3\CMS\Core\Http\ServerRequest Object

3 TYPO3\CMS\Frontend\Middleware\StaticRouteResolver->process(TYPO3\CMS\Core\Http\ServerRequest Object

4 class@anonymous->handle(TYPO3\CMS\Core\Http\ServerRequest Object

5 TYPO3\CMS\Adminpanel\Middleware\AdminPanelInitiator->process(TYPO3\CMS\Core\Http\ServerRequest Object

6 class@anonymous->handle(TYPO3\CMS\Core\Http\ServerRequest Object

7 TYPO3\CMS\Frontend\Middleware\SiteBaseRedirectResolver->process(TYPO3\CMS\Core\Http\ServerRequest Object

8 class@anonymous->handle(TYPO3\CMS\Core\Http\ServerRequest Object

9 TYPO3\CMS\Redirects\Http\Middleware\RedirectHandler->process(TYPO3\CMS\Core\Http\ServerRequest Object

Then Chrome crashed because of out of memory.

xperseguers commented 2 years ago

@tobiasschaeferptb Did you try to adapt the .htacccess rule to

RewriteCond %{REQUEST_URI} !/abc/fileadmin/_processed_/.*$
RewriteRule ^abc/fileadmin/.*$ %{ENV:CWD}index.php [QSA,L]

as suggested?

tobiasschaeferptb commented 1 year ago

I tested

RewriteCond %{REQUEST_URI} !/abc/fileadmin/_processed_/.*$
RewriteRule ^abc/fileadmin/.*$ %{ENV:CWD}index.php [QSA,L]

and

RewriteCond %{REQUEST_URI} !^/abc/fileadmin/_processed_/.*$
RewriteRule ^abc/fileadmin/.*$ %{ENV:CWD}index.php [QSA,L]

as you suggested on Feb 28, 2022 that it should be !^/abc/fileadmin/_processed_/.*$ instead of !/abc/fileadmin/_processed_/.*$. Both didn't work. I also updated to v1.4.1. Is the order of the 2 RewriteCond important?

RewriteCond %{REQUEST_URI} !^/abc/fileadmin/_processed_/.*$
RewriteRule ^abc/fileadmin/.*$ %{ENV:CWD}index.php [QSA,L]
RewriteCond %{REQUEST_URI} !^/fileadmin/_processed_/.*$
RewriteRule ^fileadmin/.*$ %{ENV:CWD}index.php [QSA,L]

or

RewriteCond %{REQUEST_URI} !^/fileadmin/_processed_/.*$
RewriteRule ^fileadmin/.*$ %{ENV:CWD}index.php [QSA,L]
RewriteCond %{REQUEST_URI} !^/abc/fileadmin/_processed_/.*$
RewriteRule ^abc/fileadmin/.*$ %{ENV:CWD}index.php [QSA,L]

With both orders it only works with https://hostname1.xz/fileadmin/test.pdf.

EvilBMP commented 1 year ago

Have you tried setting the RewriteBase property to /abc/ in the .htaccess file?

tobiasschaeferptb commented 1 year ago

What would be the right combination of RewriteBase, RewriteCond and RewriteRule? If I use RewriteBase /abc/ follow by RewriteCond and RewriteRule do I have to set the RewriteBase to / afterwards?

xperseguers commented 1 year ago

I don't use Apache on any production server, so I won't help.

@tobiasschaeferptb: Hint: since I already edited two of your messages to be more readable, please use single backtick (`) and triple backticks (```) when showing some code and code block respectively as it makes reading much more pleasant for everyone. And If you write multiple paragraphs, then please add an empty line between them, for the same reason.