@piotr-cz opened this Pull Request on April 27th 2014 Contributor

When somehow parent folder receives .htaccess file with Deny from all rules.
See issue [http://forum.piwik.org/read.php?2,109382]

@robocoder commented on April 27th 2014 Contributor

It shouldn't be publicly accessible by default as it could lead to potential DoS attack.

@piotr-cz commented on April 27th 2014 Contributor
@robocoder commented on April 27th 2014 Contributor

Ok, I see CronArchive checks token_auth. But the code says archive.* scripts are deprecated or not recommended. Maybe this use case should no longer be documented?

@piotr-cz commented on April 27th 2014 Contributor

I don't know, I'm just an user. So there is another front controller for web cron?

By the way, one travis job failed, but it doesn't seem to be related to this issue.

@mattab commented on April 28th 2014 Member

the archive.php is still used for webcron (the warning is not shown in the webcron).
is there a reason for the updatetoken.php added there as well?

@piotr-cz commented on April 28th 2014 Contributor

@mattab Only reason is that the updatetoken.php code it looks to me like another front controller. I can exclude it from the directive if I'm wrong.

@mattab commented on April 28th 2014 Member

yes please exclude it as it is not needed to access this file from HTTP

@piotr-cz commented on April 28th 2014 Contributor

@mattab Done. Not sure what's happening with tests though.

@mattab commented on April 28th 2014 Member

The failures are un-related to your change, I tried to fix one here: 5e3a47a41e511af6e0dcf03d9c43449f68843fbc
and contacted Travis CI about the other! cheers

@piotr-cz commented on April 29th 2014 Contributor

Yeah, as for [https://travis-ci.org/piwik/piwik/jobs/23912449] it seems that test failed one because of 2 microseconds difference in assertion, the other one might be travis issue

@piotr-cz commented on May 7th 2014 Contributor

Not sure if it helps, but recently Travis switched PHPUnit installation from PEAR to PHAR: https://github.com/travis-ci/travis-ci/issues/2223

This Pull Request was closed on April 28th 2014
Powered by GitHub Issue Mirror