diff options
author | Mario Vavti <mario@mariovavti.com> | 2020-06-14 15:39:00 +0200 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2020-06-14 15:39:00 +0200 |
commit | 7270da6a28f836f94f6d98557df9532e587c3646 (patch) | |
tree | 86bc0a8d3956ae4bff86dcbb96bb3b88b68e5daa /vendor/blueimp/jquery-file-upload/server/php | |
parent | 8cd66145bdd8bf0f43c2a1774181c974335fc494 (diff) | |
parent | 92ee27349cb62e0a78f25686c3fe64cd8dd4130c (diff) | |
download | volse-hubzilla-7270da6a28f836f94f6d98557df9532e587c3646.tar.gz volse-hubzilla-7270da6a28f836f94f6d98557df9532e587c3646.tar.bz2 volse-hubzilla-7270da6a28f836f94f6d98557df9532e587c3646.zip |
Merge branch 'dev' of https://framagit.org/hubzilla/core into dev
Diffstat (limited to 'vendor/blueimp/jquery-file-upload/server/php')
4 files changed, 68 insertions, 31 deletions
diff --git a/vendor/blueimp/jquery-file-upload/server/php/.dockerignore b/vendor/blueimp/jquery-file-upload/server/php/.dockerignore new file mode 100644 index 000000000..6f0168844 --- /dev/null +++ b/vendor/blueimp/jquery-file-upload/server/php/.dockerignore @@ -0,0 +1,2 @@ +* +!php.ini diff --git a/vendor/blueimp/jquery-file-upload/server/php/Dockerfile b/vendor/blueimp/jquery-file-upload/server/php/Dockerfile index 67752f995..7f271b581 100644 --- a/vendor/blueimp/jquery-file-upload/server/php/Dockerfile +++ b/vendor/blueimp/jquery-file-upload/server/php/Dockerfile @@ -11,28 +11,34 @@ RUN ln -s /etc/apache2/mods-available/rewrite.load \ # Install GD, Imagick and ImageMagick as image conversion options: RUN DEBIAN_FRONTEND=noninteractive \ apt-get update && apt-get install -y --no-install-recommends \ - libpng-dev \ - libjpeg-dev \ - libmagickwand-dev \ - imagemagick \ + libpng-dev \ + libjpeg-dev \ + libmagickwand-dev \ + imagemagick \ && pecl install \ - imagick \ + imagick \ && docker-php-ext-enable \ - imagick \ + imagick \ && docker-php-ext-configure \ - gd --with-jpeg=/usr/include/ \ + gd --with-jpeg=/usr/include/ \ && docker-php-ext-install \ - gd \ + gd \ # Uninstall obsolete packages: && apt-get autoremove -y \ - libpng-dev \ - libjpeg-dev \ - libmagickwand-dev \ + libpng-dev \ + libjpeg-dev \ + libmagickwand-dev \ # Remove obsolete files: && apt-get clean \ && rm -rf \ - /tmp/* \ - /usr/share/doc/* \ - /var/cache/* \ - /var/lib/apt/lists/* \ - /var/tmp/* + /tmp/* \ + /usr/share/doc/* \ + /var/cache/* \ + /var/lib/apt/lists/* \ + /var/tmp/* + +# Use the default development configuration: +RUN mv "$PHP_INI_DIR/php.ini-development" "$PHP_INI_DIR/php.ini" + +# Add a custom configuration file: +COPY php.ini "$PHP_INI_DIR/conf.d/" diff --git a/vendor/blueimp/jquery-file-upload/server/php/files/.htaccess b/vendor/blueimp/jquery-file-upload/server/php/files/.htaccess index 6f454afb9..be8cb1916 100644 --- a/vendor/blueimp/jquery-file-upload/server/php/files/.htaccess +++ b/vendor/blueimp/jquery-file-upload/server/php/files/.htaccess @@ -1,25 +1,49 @@ -# To enable the Headers module, execute the following command and reload Apache: +# If you have not done so already, please first read SECURITY.md in the root +# directory of this project or online: +# https://github.com/blueimp/jQuery-File-Upload/blob/master/SECURITY.md +# +# The settings in this file require Apache to support configuration overrides +# in .htaccess files, which is disabled by default since Apache v2.3.9 and needs +# to be enabled for the directives in this file to have any effect, see also: +# https://httpd.apache.org/docs/current/mod/core.html#allowoverride +# +# If you have full control over the web server, it is preferrable to define the +# settings in the Apache configuration (e.g. /etc/apache2/apache2.conf) itself. +# +# Some of the directives require the Apache Headers module. If it is not +# already enabled, please execute the following command and reload Apache: # sudo a2enmod headers +# +# Please note that the order of directives across configuration files matters, +# see also: +# https://httpd.apache.org/docs/current/sections.html#merging -# The following directives prevent the execution of script files -# in the context of the website. -# They also force the content-type application/octet-stream and -# force browsers to display a download dialog for non-image files. -SetHandler default-handler -ForceType application/octet-stream -Header set Content-Disposition attachment +# The following directive matches all files and forces them to be handled as +# static content, which prevents the server from parsing and executing files +# that are associated with a dynamic runtime, e.g. PHP files. +# It also forces their Content-Type header to "application/octet-stream" and +# adds a "Content-Disposition: attachment" header to force a download dialog, +# which prevents browsers from interpreting files in the context of the +# web server, e.g. HTML files containing JavaScript. +# Lastly it also prevents browsers from MIME-sniffing the Content-Type, +# preventing them from interpreting a file as a different Content-Type than +# the one sent by the webserver. +<FilesMatch ".*"> + SetHandler default-handler + ForceType application/octet-stream + Header set Content-Disposition attachment + Header set X-Content-Type-Options nosniff +</FilesMatch> -# The following unsets the forced type and Content-Disposition headers -# for known image files: -<FilesMatch "(?i)\.(gif|jpe?g|png)$"> +# The following directive matches known image files and unsets the forced +# Content-Type so they can be served with their original mime type. +# It also unsets the Content-Disposition header to allow displaying them +# inline in the browser. +<FilesMatch ".+\.(?i:(gif|jpe?g|png))$"> ForceType none Header unset Content-Disposition </FilesMatch> -# The following directive prevents browsers from MIME-sniffing the content-type. -# This is an important complement to the ForceType directive above: -Header set X-Content-Type-Options nosniff - # Uncomment the following lines to prevent unauthorized download of files: #AuthName "Authorization required" #AuthType Basic diff --git a/vendor/blueimp/jquery-file-upload/server/php/php.ini b/vendor/blueimp/jquery-file-upload/server/php/php.ini new file mode 100644 index 000000000..c04b5c653 --- /dev/null +++ b/vendor/blueimp/jquery-file-upload/server/php/php.ini @@ -0,0 +1,5 @@ +max_execution_time = 300 +memory_limit = 500M +post_max_size = 4G +upload_max_filesize = 4G +max_file_uploads = 50 |