[20:47:30]
<massimiliano> Maranda can i ask you if you are open to suggestions?
[20:48:17]
<massimiliano> i have one but don't want you mad
[20:48:40]
<massimiliano> actually is more of a contribution request
[20:49:15]
<Maranda> 🤔 🤔 🤔 🤔 🤔
[20:49:32]
<massimiliano> https://bin.disroot.org/?3e624a09bb4cfe79#2RYBtVJ1bguTUORld4pEFhCIW7LCVKKKmVkXpCsl/ac=
[20:49:42]
<massimiliano> alternative share.php script
[20:49:47]
<massimiliano> that works for me
[20:50:27]
<massimiliano> i forked your work, if you give green light i do a merge request
[20:50:35]
<massimiliano> if i messed up just say
[20:52:32]
<massimiliano> in short i changed $_SERVER['PHP_SELF' for $_SERVER['REQUEST_URI']
[20:54:47]
<Maranda> I don't have an issue with you using it, but you shouldn't use the request uri
[20:55:17]
<massimiliano> is it lesser safe?
[20:55:31]
<Maranda> Yes beside it will mess up on some setups
[20:57:31]
<massimiliano> okay then i leav it for now until i find proper solution
[20:58:46]
<Maranda> so I can't accept the PR, you should clean urls using URL rewriting, it's not working because you ain't doing it
[21:00:35]
<Maranda> you're trying to fix a non existant defect because of a configuration issue on your end, I mean if it works for you now feel free to use the changed script
[21:00:42]
<Maranda> it's not a problem :)
[21:01:11]
<massimiliano> yes but i don't want security issues
[21:01:19]
<massimiliano> or other issues in future
[21:02:08]
<Maranda> It's not really insecure if you ain't using an old version of PHP.
[21:02:21]
<Maranda> so if it works now keep it that way
[21:02:21]
<massimiliano> php 7
[21:02:38]
<massimiliano> yes and i keep on searcing the rewrite thing
[21:02:53]
<massimiliano> i learned a lot this last week :-)
[21:04:20]
<Maranda> "URL rewriting" means that every request to https://upload.insurge.org/upload/uuid/filename.txt is forwarded to https://upload.insurge.org/share.php/uuid/filename.txt
[21:04:44]
<Maranda> put simply
[21:04:53]
<massimiliano> yes
[21:05:51]
<massimiliano> do you have an example
[21:05:52]
<massimiliano> ?
[21:06:00]
<massimiliano> of the rewrite line
[21:06:38]
<Maranda> for nginx?
[21:06:44]
<Maranda> haven't the least clue
[21:06:46]
<massimiliano> rewrite ^ $scheme://$host/share.php permanent;
[21:12:59]
<Maranda> but that scheme looks wrong
[21:13:26]
<Maranda> this is from my IIS web.config to give an idea:
[21:13:43]
<Maranda> <?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<remove name="X-Powered-By" />
</customHeaders>
</httpProtocol>
<rewrite>
<rules>
<clear />
<rule name="Redirect All Non-Share" patternSyntax="Wildcard" stopProcessing="true">
<match url="share/*" negate="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Redirect" url="https://lightwitch.org/" redirectType="SeeOther" />
</rule>
<rule name="Upload Script Rewrite" enabled="true" stopProcessing="true">
<match url="^share/(.*)$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="share.php/{R:1}" />
</rule>
</rules>
</rewrite>
<handlers>
<remove name="PHP_via_FastCGI" />
<add name="PHP_via_FastCGI" path="*.php" verb="DELETE,GET,HEAD,POST,PUT,OPTIONS" modules="FastCgiModule" scriptProcessor="C:\Program Files\PHP\v7.2\php-cgi.exe" resourceType="Either" requireAccess="Script" />
</handlers>
</system.webServer>
</configuration>
[22:13:03]
<massimiliano> Maranda, fixed
[22:13:06]
<massimiliano> rewrite ^.*$ /share.php$fastcgi_script_name;
[22:13:24]
<massimiliano> \o/
[22:13:45]
<massimiliano> syntax may be short but damn it's hard to find out