From bbf44c3be858fc9ab66b8460e77a7e2855871f03 Mon Sep 17 00:00:00 2001
From: Jan Kiesewetter <jan@t3easy.de>
Date: Sun, 26 Apr 2015 09:24:10 +0200
Subject: [PATCH] [TASK] Protect configuration of extensions

Similar to protecting the private resources, the configuration
of an extension should be protected as well.

Change-Id: Ib68cb77ea21e8ec192927d1c9c62a30c1bb7103f
Releases: master, 6.2
Resolves: #66573
Reviewed-on: http://review.typo3.org/38921
Reviewed-by: Markus Klein <klein.t3@reelworx.at>
Reviewed-by: Stefan Froemken <froemken@gmail.com>
Tested-by: Stefan Froemken <froemken@gmail.com>
Reviewed-by: Jan Kiesewetter <jan@t3easy.de>
Tested-by: Jan Kiesewetter <jan@t3easy.de>
Reviewed-by: Andreas Fernandez <andreas.fernandez@aspedia.de>
Tested-by: Markus Klein <klein.t3@reelworx.at>
---
 _.htaccess | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/_.htaccess b/_.htaccess
index 23fa98b7fe45..7944e4f05704 100644
--- a/_.htaccess
+++ b/_.htaccess
@@ -106,9 +106,11 @@ RewriteRule ^(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ $1.$3 [L]
 # For httpd.conf, use these lines instead of the next ones:
 # RewriteRule ^/TYPO3root/fileadmin/(.*/)?_recycler_/ - [F]
 # RewriteRule ^/TYPO3root/fileadmin/templates/.*(\.txt|\.ts)$ - [F]
+# RewriteRule ^/TYPO3root/typo3conf/ext/[^/]+/Configuration/ - [F]
 # RewriteRule ^/TYPO3root/typo3conf/ext/[^/]+/Resources/Private/ - [F]
 RewriteRule ^fileadmin/(.*/)?_recycler_/ - [F]
 RewriteRule ^fileadmin/templates/.*(\.txt|\.ts)$ - [F]
+RewriteRule ^typo3conf/ext/[^/]+/Configuration/ - [F]
 RewriteRule ^typo3conf/ext/[^/]+/Resources/Private/ - [F]
 
 # Stop rewrite processing, if we are in the typo3/ directory.
-- 
GitLab