CODEWITHSUNDEEP
php.htaccessmod-rewriteurl-rewritingsymlink
Ozzy
Ozzy

Reputation: 10643

Mod Rewrite show private file access denied

I have the following mod rewrite rules:

RewriteCond %{DOCUMENT_ROOT}/../application/%{REQUEST_URI} -f
RewriteRule ([\w]+\/www\/(.*)) %{DOCUMENT_ROOT}/../../application/$1 [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ ./index.php/$1

My server directory layout is like so:

/application
--/example
----/www
------/test.jpg
/www <- public root
--/.htaccess
--/index.php

Basically, the idea is, you access the index.php like so:

example.com/test/paths/ < would pass test/paths/ to index.php

example.com/example/www/test.png < would pass example/www/test.png to index.php

example.com/example/www/test.jpg < would output the contents of test.jpg

Now the first two examples work perfectly. When we get to the last example which would output the contents of test.jpg (which is in a non public directory), I get this error:

You don't have permission to access /C:/web/git/framework/application/example/www/test.jpg on this server.

I could pass this to another public php file which would then just do a file_get_contents of the private file and show it that way but I would ideally not want to spawn additional php processes. Is there anyway I can do what i want without the access denied part?

Edit

I have solved the problem by approaching it differently. I moved the entire applications directory into the www directory and now I use this HT ACCESS file to only load files within a \w/www/* directory

RewriteCond %{REQUEST_URI} ^/[\w]+/www/(.*)$
RewriteCond %{DOCUMENT_ROOT}/applications/%{REQUEST_URI} -f
RewriteRule ([\w]+\/www\/(.*)) /applications/$1 [L]

RewriteCond %{REQUEST_URI} !^/index.php/.*
RewriteRule ^(.*)$ ./index.php/$1

Upvotes: 1

Views: 303

Answers (1)

Ozzy
Ozzy

Reputation: 10643

I have solved the problem by approaching it differently. I moved the entire applications directory into the www directory and now I use this HT ACCESS file to only load files within a \w/www/* directory

RewriteCond %{REQUEST_URI} ^/[\w]+/www/(.*)$
RewriteCond %{DOCUMENT_ROOT}/applications/%{REQUEST_URI} -f
RewriteRule ([\w]+\/www\/(.*)) /applications/$1 [L]

RewriteCond %{REQUEST_URI} !^/index.php/.*
RewriteRule ^(.*)$ ./index.php/$1

Upvotes: 1

Related Questions