Diffstat (limited to 'Bugzilla/Install/Filesystem.pm')
-rw-r--r--Bugzilla/Install/Filesystem.pm42
1 files changed, 15 insertions, 27 deletions
diff --git a/Bugzilla/Install/Filesystem.pm b/Bugzilla/Install/Filesystem.pm
index 22ec34a95..162e324f7 100644
--- a/Bugzilla/Install/Filesystem.pm
+++ b/Bugzilla/Install/Filesystem.pm
@@ -31,6 +31,7 @@ use File::Path;
use File::Basename;
use File::Copy qw(move);
use File::Spec;
+use File::stat;
use Cwd ();
use File::Slurp;
use IO::File;
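Review bot: `use File::stat;` replaces the core `stat` and `lstat` for the whole package with versions that return an object instead of a list. Any list-context `stat` call elsewhere in Filesystem.pm (none is visible in this hunk) would silently change meaning. If only the new mtime comparison needs the object form, `use File::stat ();` with `File::stat::stat(...)` at the call sites keeps the override out of the rest of the module.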
@@ -81,12 +82,16 @@ EOT
use constant HT_ASSETS_DIR => <<'EOT';
# Allow access to .css and js files
-<FilesMatch \.(css|js)$>
- Allow from all
+<FilesMatch state\.json$>
+ Deny from all
</FilesMatch>
+FileETag None
+Header set Cache-Control "public, immutable, max-age=31536000"
+Header set Content-Security-Policy "default-src 'none';"
+
# And no directory listings, either.
-Deny from all
+Options -Indexes
EOT
use constant INDEX_HTML => <<'EOT';
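Review bot: The assets .htaccess switches from deny-by-default with a css/js allowlist to allow-by-default with a single `state\.json$` deny, so any other file that ends up in the assets directory becomes directly fetchable. Keeping an allowlist `FilesMatch` for the expected extensions next to the new deny would preserve the old fail-closed posture. The heredoc's first comment still reads `# Allow access to .css and js files` above a block that now denies; it should become something like `# Block direct access to the asset state file`. The `Header set` lines are unguarded, and on a server without mod_headers Apache normally rejects the whole .htaccess with a 500. Wrapping them in `<IfModule mod_headers.c>` avoids that, at the cost of the CSP and cache headers being silently absent on such servers.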
@@ -344,7 +349,7 @@ sub FILESYSTEM {
$attachdir => DIR_CGI_WRITE,
$graphsdir => DIR_CGI_WRITE | DIR_ALSO_WS_SERVE,
$webdotdir => DIR_CGI_WRITE | DIR_ALSO_WS_SERVE,
- $assetsdir => DIR_CGI_WRITE | DIR_ALSO_WS_SERVE,
+ $assetsdir => DIR_WS_SERVE,
$template_cache => DIR_CGI_WRITE,
$error_reports => DIR_CGI_WRITE,
# Directories that contain content served directly by the web server.
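Review bot: With its flags reduced to `DIR_WS_SERVE`, the `$assetsdir` entry no longer matches the run of `DIR_CGI_WRITE` directories it sits in. It would read more naturally below the `# Directories that contain content served directly by the web server.` comment that follows. Dropping CGI write access is a tightening, so a short comment such as `# Assets are generated by the installer; the web server only reads them.` would record why, assuming that is the intent, which the hunk does not show. The hash and the rest of FILESYSTEM lie outside the hunk.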
@@ -446,8 +451,13 @@ sub FILESYSTEM {
"$webdotdir/.htaccess" => { perms => WS_SERVE,
contents => HT_WEBDOT_DIR },
"$assetsdir/.htaccess" => { perms => WS_SERVE,
- contents => HT_ASSETS_DIR },
+ contents => HT_ASSETS_DIR },
);
+ my $mtime = stat(__FILE__)->mtime;
+ foreach my $file (keys %htaccess) {
+ my $file_stat = stat($file);
+ $htaccess{$file}{overwrite} = $file_stat && $mtime > $file_stat->mtime;
+ }
Bugzilla::Hook::process('install_filesystem', {
files => \%files,
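Review bot: `stat(__FILE__)->mtime` dies with a method call on undef if the stat fails, for example when `__FILE__` is a relative path and the working directory has changed. A guard such as `my $self_stat = stat(__FILE__); my $mtime = $self_stat ? $self_stat->mtime : 0;` avoids that. Using mtime to decide on overwriting is also fragile for a security-relevant file: a deployment that preserves or resets timestamps can leave the module looking older than an existing .htaccess, so tightened rules would never be written. The reverse case silently discards an administrator's local hardening. Comparing the on-disk contents with `$htaccess{$file}{contents}` would be a more direct signal, and the loop may also miss entries if the `install_filesystem` hook that follows can add to `%htaccess` (its arguments and the rest of FILESYSTEM continue outside the hunk).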
@@ -561,7 +571,6 @@ sub update_filesystem {
_remove_empty_css_files();
_convert_single_file_skins();
- _remove_dynamic_assets();
}
sub _css_url_fix {
@@ -627,27 +636,6 @@ sub _convert_single_file_skins {
}
}
-# delete all automatically generated css/js files to force recreation at the
-# next request.
-sub _remove_dynamic_assets {
- my @files = (
- glob(bz_locations()->{assetsdir} . '/*.css'),
- glob(bz_locations()->{assetsdir} . '/*.js'),
- );
- foreach my $file (@files) {
- unlink($file);
- }
-
- # remove old skins/assets directory
- my $old_path = bz_locations()->{skinsdir} . '/assets';
- if (-d $old_path) {
- foreach my $file (glob("$old_path/*.css")) {
- unlink($file);
- }
- rmdir($old_path);
- }
-}
-
sub create_htaccess {
_create_files(%{FILESYSTEM()->{htaccess}});