Task #23078
closedShip .htaccess with a Deny rule for *.sql
Added by Steffen Gebert over 14 years ago. Updated about 7 years ago.
100%
Description
*.sql files can disclosure infomation, which could be helpful for attackers.
ext_tables.sql in extensions is an example.
(issue imported from #M14975)
Updated by Steffen Gebert almost 13 years ago
- Target version deleted (
0) - TYPO3 Version changed from 4.4 to 4.7
Opinions?
Updated by Georg Ringer almost 13 years ago
don't do that as there is absolutly no benefit and fare more ways to get the version of an extension.
if there is a sqlI on a website, you don't need those files anyway to get the table structure.
better would be to invest time to be able to move the ext_tables.sql inside the Resources/Private folder as there is the better way for an htaccess to block everything.
Updated by Steffen Gebert almost 13 years ago
I filed this once when I googled for some TYPO3 string and ended up in a SQL dump of someone's TYPO3 installation. That's why I would say better safe than sorry..
Although they didn't link it anywhere and they created it just a few days ago, it appeared in the Google results. Of course, ext_tables.sql is a bad argument. Let's just use the vote button!
Updated by Steffen Ritter over 12 years ago
- Target version changed from 4.7.0-beta2 to 4.7.0-beta3
Updated by Stephan Großberndt over 9 years ago
- Tracker changed from Bug to Feature
- Target version changed from 4.7.0-beta3 to next-patchlevel
- PHP Version deleted (
5.3)
Updated by Stephan Großberndt over 9 years ago
- Tracker changed from Feature to Task
- TYPO3 Version set to 7
Updated by Gerrit Code Review over 9 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 8 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 9 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 10 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 11 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 12 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 13 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 14 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 15 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 16 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Markus Klein over 9 years ago
- Assignee changed from Andreas Kienast to Markus Klein
- Target version changed from next-patchlevel to 7.4 (Backend)
- Sprint Focus set to Remote Sprint
Updated by Gerrit Code Review over 9 years ago
Patch set 17 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 18 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 19 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/39254
Updated by Gerrit Code Review over 9 years ago
Patch set 1 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/40792
Updated by Andreas Fernandez over 9 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset edd2a1c53e038d81f28fad05cd606d6dd040c93d.
Updated by Gerrit Code Review over 9 years ago
- Status changed from Resolved to Under Review
Patch set 2 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/40792
Updated by Andreas Fernandez over 9 years ago
- Status changed from Under Review to Resolved
Applied in changeset edf1c78e86fea9f27bf2f683845d5838bcbd830e.
Updated by Riccardo De Contardi about 7 years ago
- Status changed from Resolved to Closed