From 1c2aad89ab86b519b0ca7f0cb560b917b2ca595a Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Dec 2015 07:21:22 -0500
Subject: [PATCH] Fix .htaccess rewrite rules to not block .well-known URIs (#1490615)

---
 CHANGELOG |    1 +
 .htaccess |    2 +-
 2 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/.htaccess b/.htaccess
index 089e014..59e5dca 100644
--- a/.htaccess
+++ b/.htaccess
@@ -32,7 +32,7 @@
 # security rules:
 # - deny access to files not containing a dot or starting with a dot
 #   in all locations except installer directory
-RewriteRule ^(?!installer|[a-zA-Z0-9]{16})(\.?[^\.]+)$ - [F]
+RewriteRule ^(?!installer|\.well-known\/|[a-zA-Z0-9]{16})(\.?[^\.]+)$ - [F]
 # - deny access to some locations
 RewriteRule ^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps)) - [F]
 # - deny access to some documentation files
diff --git a/CHANGELOG b/CHANGELOG
index ae5203c..7a72e56 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -7,6 +7,7 @@
 - Fix PDF support detection in Firefox > 19 (#1490610)
 - Fix path traversal vulnerability in setting a skin (#1490620)
 - Fix so drag-n-drop of text (e.g. recipient addresses) on compose page actually works (#1490619)
+- Fix .htaccess rewrite rules to not block .well-known URIs (#1490615)
 
 RELEASE 1.2-beta
 ----------------

--
Gitblit v1.9.1