当前位置: 文江博客话题详情

Kohana 模块 -path .htaccess 保护和媒体文件

发布于 2024-11-18 00:04:47 字数 796 浏览 2 评论 0原文

Kohana 中,.htaccess 中有 modules -path 保护,

# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]

我如何允许这样的路径:

http://localhost/modules/mymodule /media/js/myjavascript.js

我想将 javascript 和其他媒体文件包含到我的模块中,并仍然保护其他模块文件,例如 .php

我可以允许整个 modules< /code> -path,但然后全部.php -文件也会被列出。

# Protect application and system files from being viewed
RewriteRule ^(?:application|system)\b.* index.php/$0 [L]

当然有基本的 PHP 保护,但我仍然不希望任何人可以列出我的 modules -path。

<?php defined('SYSPATH') or die('No direct script access.');
原文

In Kohana there's modules -path protection in .htaccess

# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]

How could I allow paths like:

http://localhost/modules/mymodule/media/js/myjavascript.js

I would like to include javascript and other media files to my module and still protect other module files like .php

I could allow whole modules -path, but then all .php -files would be listed too.

# Protect application and system files from being viewed
RewriteRule ^(?:application|system)\b.* index.php/$0 [L]

Sure there is basic PHP -protection, but I still won't want that anyone could list my modules -path.

<?php defined('SYSPATH') or die('No direct script access.');

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

小嗷兮 2024-11-25 00:04:47

最好的解决方案是使用媒体控制器来提供这些文件。因此,用户可以请求“js/script.js”,Kohana 将使用级联文件结构加载它找到的第一个文件。 Kohana 附带了一个很好的媒体控制器,它位于用户指南模块中:

classes/controller/userguide.php 第 247 行

public function action_media()
{
    // Get the file path from the request
    $file = $this->request->param('file');

    // Find the file extension
    $ext = pathinfo($file, PATHINFO_EXTENSION);

    // Remove the extension from the filename
    $file = substr($file, 0, -(strlen($ext) + 1));

    if ($file = Kohana::find_file('media/guide', $file, $ext))
    {
        // Check if the browser sent an "if-none-match: <etag>" header, and tell if the file hasn't changed
        $this->response->check_cache(sha1($this->request->uri()).filemtime($file), $this->request);

        // Send the file content as the response
        $this->response->body(file_get_contents($file));

        // Set the proper headers to allow caching
        $this->response->headers('content-type',  File::mime_by_ext($ext));
        $this->response->headers('last-modified', date('r', filemtime($file)));
    }
    else
    {
        // Return a 404 status
        $this->response->status(404);
    }
}

这不会是最快的解决方案,但如果您正确设置响应标头,文件应该缓存在客户端浏览器。

The best solution would be to serve those files using a media controller. So a user could request "js/script.js" and Kohana would load the first file it finds using the cascading file structure. There's a good media controller that comes with Kohana, it's in the Userguide module:

Line 247 of classes/controller/userguide.php

public function action_media()
{
    // Get the file path from the request
    $file = $this->request->param('file');

    // Find the file extension
    $ext = pathinfo($file, PATHINFO_EXTENSION);

    // Remove the extension from the filename
    $file = substr($file, 0, -(strlen($ext) + 1));

    if ($file = Kohana::find_file('media/guide', $file, $ext))
    {
        // Check if the browser sent an "if-none-match: <etag>" header, and tell if the file hasn't changed
        $this->response->check_cache(sha1($this->request->uri()).filemtime($file), $this->request);

        // Send the file content as the response
        $this->response->body(file_get_contents($file));

        // Set the proper headers to allow caching
        $this->response->headers('content-type',  File::mime_by_ext($ext));
        $this->response->headers('last-modified', date('r', filemtime($file)));
    }
    else
    {
        // Return a 404 status
        $this->response->status(404);
    }
}

This wont be the fastest solution, but if you correctly set the response headers the files should be cached on the client browser.

回复 原文
情泪▽动烟 2024-11-25 00:04:47

解决方案,在RewriteRule之前添加这个RewriteCond

# Protect application and system files from being viewed
RewriteCond %{REQUEST_URI} !^(.*/)*(application|application/cache|modules/[^/]*)/media/.*$
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]

Solution, add this RewriteCond just before RewriteRule

# Protect application and system files from being viewed
RewriteCond %{REQUEST_URI} !^(.*/)*(application|application/cache|modules/[^/]*)/media/.*$
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]
回复 原文
~没有更多了~

关于作者

野生奥特曼

暂无简介

0 文章
0 评论
25 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

苍风燃霜

文章 0 评论 0

我的黑色迷你裙

文章 0 评论 0

悸初

文章 0 评论 0

撧情箌佬

文章 0 评论 0

森罗

文章 0 评论 0

lyn1245

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文