summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-05-17 16:14:08 +0200
committerGuilhem Moulin <guilhem@fripost.org>2020-05-17 18:30:03 +0200
commita4e1c724be8729854c38c452a7bc248a3ee16f39 (patch)
treeab3147491cd6e6f7c2d6b0ad2089612a4c0bd445
parent20d14e9e6b3baf04c952605088af1d380bfb6d90 (diff)
Webmail: Fix allowed extensions for static resources.
$ find -L /usr/share/roundcube/{plugins,program/js,program/resources,skins} -xtype f -printf "%f\\n" \ | sed -r "s/^([^.]+)(.*)/\1\2\t\2/" | sort -k2 | uniq -c -f1
-rw-r--r--roles/webmail/files/etc/nginx/sites-available/roundcube2
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/webmail/files/etc/nginx/sites-available/roundcube b/roles/webmail/files/etc/nginx/sites-available/roundcube
index 7565b10..9763b31 100644
--- a/roles/webmail/files/etc/nginx/sites-available/roundcube
+++ b/roles/webmail/files/etc/nginx/sites-available/roundcube
@@ -58,7 +58,7 @@ server {
fastcgi_pass unix:/var/run/php/php7.3-fpm@roundcube.sock;
}
- location ~ "^/(?:plugins|program/js|program/resources|skins)/.*[^./]\.(?:css|eot|gif|html|ico|jpg|js|pdf|png|svg|tif|ttf|woff)$" {
+ location ~ "^/(?:plugins|program/js|program/resources|skins)(?:/[[:alnum:]][[:alnum:]\-\._]*)+\.(?:css|eot|gif|html|ico|jpg|js|pdf|png|svg|tiff?|ttf|woff2?)$" {
try_files $uri =404;
expires 30d;
}