-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhtaccess.sample
executable file
·75 lines (60 loc) · 3.2 KB
/
htaccess.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
DirectoryIndex index.php
# Always ensure Cookies have "Secure" set.
# This line has been copied from Let's Encrypt's options-ssl-apache.conf.
Header edit Set-Cookie (?i)^(.*)(;\s*secure)??((\s*;)?(.*)) "$1; Secure$3$4"
RewriteEngine on
# NOTA BENE: RewriteBase must be set to the same value os the server
# variable %{CONTEXT_PREFIX}, but with a trailing slash. E.g., if
# %{CONTEXT_PREFIX} = "/a/b/c", then set "RewriteBase /a/b/c/". NB #2:
# %{CONTEXT_PREFIX} is used in one of the rules below.
RewriteBase /
# Hide .git directories
RewriteRule ^\.git ./index.php [L]
# Hide .env
RewriteRule ^\.env ./index.php [L]
RewriteRule ^services/ registry/ [R=301,L]
# ARDC-specific deploy rules (not needed in third-party deployment)
# RewriteRule ^apps/mydois/doi_(.*?)\.php api/doi/$1 [R=301,L,QSA]
# RewriteRule ^apps/mydois/(.*)\.(.*) https://researchdata.ands.org.au/api/doi/$1.$2 [NC,P]
# RewriteRule ^registry/orca/services/oai\.php registry/services/oai [R=301,L,QSA]
RewriteCond $1 ^(css|img|js|less|lib|uploads|shared|images)
# The RewriteConds for "assets" with "-f" go together with the catch-all
# RewriteCond with "!-f" further down.
RewriteCond %{CONTEXT_DOCUMENT_ROOT}/assets/$1/$2 -f
RewriteRule ^assets/(.*?)/(.*)$ assets/$1/$2 [L]
# The RewriteConds for "assets" with "-f" go together with the catch-all
# RewriteCond with "!-f" further down.
RewriteCond %{CONTEXT_DOCUMENT_ROOT}/applications/portal/templates/$1/assets/$2 -f
RewriteRule ^assets/templates/(.*?)/(.*)$ applications/portal/templates/$1/assets/$2 [L]
# The RewriteConds for "assets" with "-f" go together with the catch-all
# RewriteCond with "!-f" further down.
RewriteCond %{CONTEXT_DOCUMENT_ROOT}/applications/portal/$1/assets/$2 -f
RewriteRule ^assets/(.*?)/(.*)$ applications/portal/$1/assets/$2 [L]
RewriteCond $1 ^(registry|roles|apps|developer|portal_auth)
RewriteCond $2 ^(css|img|js|less|lib)
# The RewriteConds for "assets" with "-f" go together with the catch-all
# RewriteCond with "!-f" further down.
RewriteCond %{CONTEXT_DOCUMENT_ROOT}/assets/$2/$3 -f
RewriteRule ^(.*?)/assets/(.*?)/(.*)$ assets/$2/$3 [L]
RewriteCond $1 !^applications/.*/
# The RewriteConds for "assets" with "-f" go together with the catch-all
# RewriteCond with "!-f" further down.
RewriteCond %{CONTEXT_DOCUMENT_ROOT}/applications/$1/$2/assets/$3 -f
RewriteRule ^(.*?)/assets/(.*?)/(.*)$ applications/$1/$2/assets/$3 [L]
RewriteCond %{CONTEXT_DOCUMENT_ROOT}/assets/$1 !-f
# Without R=302 to send a redirect back to the browser, we would get
# only an internal redirect, which _doesn't_ change what PHP sees as
# the request URL, and so we would get undesired proxying of a request
# for vocabulary slug "assets" sent through to the Registry.
# With R=302, the request is handled (eventually) entirely by the
# Portal.
# Note the use of %{CONTEXT_PREFIX}.
RewriteRule ^assets/(.*)$ %{CONTEXT_PREFIX}/page/no_page [L,R=302]
RewriteCond $1 !^(Shibboleth.sso)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteRule ^(.*)$ $1/ [L]
RewriteCond $1 !^(index\.php|robots\.txt|favicon\.ico|legacy|googledocverificationidfile\.html|Shibboleth.sso)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*?)/(.*)$ ./index.php?/$2&app=$1 [L,QSA]