Description of the need
Fixes https://github.com/backdrop/backdrop-issues/issues/5583
I have recently started to use Backdrop, and as my first development task I ported my Security.txt
module from Drupal to Backdrop. This module serves a two well-known URLs:
/.well-known/security.txt
/.well-known/security.txt.sig
This works with Drupal 7 & 9 as their .htaccess
files do not deny access to files (and therefore Drupal paths) beginning with .well-known
. However, Backdrop's .htaccess
file (as of version 1.21.4) blocks all files (and therefore Backdrop paths) beginning with .
without an exemption for those beginning with .well-known
.
There are a number of standardized well-known URIs which it would be good to allow Backdrop to serve, indeed I have started work on a general module to do this. However, the current Backdrop .htaccess
file prevents these modules from working without the user manually patching their .htaccess
file or creating a .well-known
directory in their document root.
Proposed solution
Modify the Backdrop .htaccess
file.
I will submit a PR with my proposed change shortly.
Alternatives that have been considered
- Any module which wishes to serve a well-known URI should add a line to the "Status Report" informing the user that they must manually create a
.well-known
directory in their document root. This may not be easy or indeed possible depending on a user's technical expertise or hosting arrangements.
Draft of feature description for Press Release (1 paragraph at most)
If this issue is resolved and the two mentioned modules are approved then we could have something like:
- Backdrop now includes support for the Security.txt standard via the
security.txt
module. - Backdrop now includes support for the change-password service via the
well_known_uris
module.
Recent comments
The Mail System and MimeMail modules are now installed. I'll let you know if they solve the problem. Edit: Using Mail System with MimeMail I was able to send plain text emails. There is...
HTML Email treated as plain text
If you haven't already I recommend installing Mail System and MimeMail. The latter will help format emails as HTML and first helps with configuring which module will handle the formatting...
HTML Email treated as plain text
The horrors of cut/paste! Brilliant, thanks.
SQLSTATE[22007]: Invalid datetime format: 1366 Incorrect string value: