From fecee09bc177eafebf3beb7b99067a62859fa8e0 Mon Sep 17 00:00:00 2001
From: Cedric Ziel <cedric@cedric-ziel.com>
Date: Thu, 14 Jan 2016 19:18:24 +0100
Subject: [PATCH] [TASK] Allow access to visible content within /.well-known/
 directory

Allow access to the visible content from within the `/.well-known/`
hidden directory. The access to all other hidden files and directories
(starting with a dot) is still blocked.

The /.well-known/ directory represents the standard (RFC 5785) path
prefix for "well-known locations", and therefore, access to its visible
content should not be blocked.

Change-Id: I533d38a12da5cae59abed4fc00d597814d28fa04
Resolves: #72712
Releases: master,7.6,6.2
Reviewed-on: https://review.typo3.org/45901
Reviewed-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: Morton Jonuschat <m.jonuschat@mojocode.de>
Reviewed-by: Andreas Fernandez <typo3@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
---
 _.htaccess | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/_.htaccess b/_.htaccess
index b0b4960975d7..c1198a198efd 100644
--- a/_.htaccess
+++ b/_.htaccess
@@ -282,7 +282,9 @@ AddDefaultCharset utf-8
 	RewriteRule ^(vendor|typo3_src) - [F]
 	RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?)/ - [F]
 
-	# Access block for files or folders starting with a dot
+	# Block access to all hidden files and directories with the exception of
+	# the visible content from within the `/.well-known/` hidden directory (RFC 5785).
+	RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC]
 	RewriteCond %{SCRIPT_FILENAME} -d [OR]
 	RewriteCond %{SCRIPT_FILENAME} -f
 	RewriteRule (?:^|/)\. - [F]
-- 
GitLab