@tsteur opened this Issue on June 10th 2020 Member

See eg https://github.com/matomo-org/matomo/blob/4.x-dev/plugins/Installation/ServerFilesGenerator.php#L65
but also for IIS we need to create htaccess file / web config file for the node_modules directory.

Might need to trigger the createFilesForSecurity() method in an update to ensure they exist (or maybe we do this on every update not sure)

@Findus23 commented on June 10th 2020 Member

Also applied the change in https://github.com/matomo-org/matomo-nginx/commit/565aeb5b26fa9f50f6715eb0b140661f0d845a72

The question is: Do we need people to access node_modules at all? If I understand #16049 correctly it still allows access to asset files there.

@tsteur commented on June 10th 2020 Member

@Findus23 yes few files might be loaded individually depending on demand eg maybe iframeresizer etc

This Issue was closed on June 10th 2020
Powered by GitHub Issue Mirror