#2352 (place development frontend into a separate dir by default)

Ticket #2352 (closed enhancement: wontfix)

Opened 2 years ago

Last modified 2 years ago

place development frontend into a separate dir by default

Reported by: lsmith
Assigned to: FabianLange
Priority: minor
Milestone:
Component: tasks
Version:
Keywords:
Cc: Kris.Wallsmith
Qualification: Unreviewed

Description

A possible enhancement for 1.1 would be to place the development frontends into a different directory than the "web" directory to prevent security issues if the development frontends are not removed before deployment, while still making it possible to access the development frontends on production machines.

A number of ideas were discussed on the development list and aggregated into a wiki page, SecuringDevFrontend. The "Adapt url/asset helper url generation" idea could probably be done without any hacks using the new OO helpers in symfony 1.1.

Attachments

secure_dev.patch (1.7 kB) - added by FabianLange on 06/05/08 15:33:55.
initial patch idea based on dev-mailing thread
sfGenerateControllerTask.diff (8.1 kB) - added by Kris.Wallsmith on 06/12/08 21:30:48.
This patch creates a generate:controller task that includes an array option "allowed-ip". I believe this is a more extensible implementation than what's currently there.

Change History

05/22/08 09:28:28 changed by FabianLange

  • owner changed from fabien to FabianLange.
  • status changed from new to assigned.

06/05/08 15:33:55 changed by FabianLange

  • attachment secure_dev.patch added.

initial patch idea based on dev-mailing thread

06/09/08 14:55:18 changed by FabianLange

  • status changed from assigned to closed.
  • resolution set to fixed.

(In [9489]) 1.1: secured non-production controllers by default by inserting an IP check for 127.0.0.1 into those controllers. Added documentation to chapters 3 and 5 on the reasoning. This will only affect new applications created with generate:app and not be part of the upgrade. closes #2352

06/09/08 15:15:02 changed by fabien

  • milestone set to 1.1.0 RC2.

06/12/08 21:30:48 changed by Kris.Wallsmith

  • attachment sfGenerateControllerTask.diff added.

This patch creates a generate:controller task that includes an array option "allowed-ip". I believe this is a more extensible implementation than what's currently there.

06/12/08 21:34:55 changed by Kris.Wallsmith

  • cc set to Kris.Wallsmith.

You'll also need to run the following commands to apply this patch:

$ mkdir lib/task/generator/skeleton/controller
$ svn add lib/task/generator/skeleton/controller
$ svn cp lib/task/generator/skeleton/app/web/index.php lib/task/generator/skeleton/controller/index.php
$ svn rm lib/task/generator/skeleton/app/web

The patch should produce the following svn st output:

X      doc
M      lib/task/generator/sfGenerateAppTask.class.php
D      lib/task/generator/skeleton/app/web
D      lib/task/generator/skeleton/app/web/index.php
A      lib/task/generator/skeleton/controller
A  +   lib/task/generator/skeleton/controller/index.php
A      lib/task/generator/sfGenerateControllerTask.class.php
X      lib/vendor/lime

Performing status on external item at 'doc'

Performing status on external item at 'lib/vendor/lime'
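
The two approaches discussed above (a fixed check for 127.0.0.1 and a configurable "allowed-ip" list) can be sketched as one allowlist gate at the top of a non-production front controller. This is an added example, not code from either attached patch or from symfony itself; the function name `dev_client_allowed`, the `$allowedIps` values and the sample addresses are assumptions made for illustration.

```php
<?php
// Added example: allowlist gate for a non-production front controller.
// $allowedIps stands in for the "allowed-ip" option; its values are assumptions.

/**
 * Return true only if $remoteAddr is a valid IP equal to one of $allowedIps.
 * Addresses are compared in packed binary form, so "::1" and
 * "0:0:0:0:0:0:0:1" count as the same address.
 */
function dev_client_allowed($remoteAddr, array $allowedIps)
{
    // REMOTE_ADDR can be missing or malformed: fail closed.
    if (!is_string($remoteAddr) || filter_var($remoteAddr, FILTER_VALIDATE_IP) === false) {
        return false;
    }
    $client = inet_pton($remoteAddr);
    // IPv4-mapped IPv6 (::ffff:a.b.c.d) is compared as plain IPv4.
    if (strlen($client) === 16 && substr($client, 0, 12) === str_repeat("\0", 10) . "\xff\xff") {
        $client = substr($client, 12);
    }
    foreach ($allowedIps as $ip) {
        if (filter_var($ip, FILTER_VALIDATE_IP) !== false && inet_pton($ip) === $client) {
            return true;
        }
    }
    return false;
}

$allowedIps = array('127.0.0.1', '::1');

if (PHP_SAPI === 'cli') {
    // Constructed sample addresses, printed with the decision for each.
    $samples = array('127.0.0.1', '0:0:0:0:0:0:0:1', '::ffff:127.0.0.1', '203.0.113.7', null);
    foreach ($samples as $sample) {
        $verdict = dev_client_allowed($sample, $allowedIps) ? 'allow' : 'deny';
        printf("%-20s %s\n", var_export($sample, true), $verdict);
    }
    exit(0);
}

// Use only the socket peer address. Headers such as X-Forwarded-For are
// client-controlled and must not feed this decision.
$remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;

if (!dev_client_allowed($remoteAddr, $allowedIps)) {
    header('HTTP/1.0 403 Forbidden');
    exit('Access to this front controller is restricted.');
}

// ... the rest of the development front controller would follow here ...
```

If the application sits behind a reverse proxy or load balancer on the same host, every request arrives with REMOTE_ADDR set to 127.0.0.1 and this check admits all of them. In that layout the development controller should be blocked at the proxy or kept out of the deployed web directory.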

06/18/08 20:33:30 changed by Kris.Wallsmith

  • status changed from closed to reopened.
  • resolution deleted.

I'm reopening this ticket so my previously attached patch might get some attention?

06/19/08 10:09:46 changed by Carl.Vondrick

  • milestone changed from 1.1.0 RC2 to 1.1.0 FINAL.

06/19/08 10:28:31 changed by fabien

  • milestone changed from 1.1.0 FINAL to 1.2.0.

06/23/08 07:06:35 changed by dwhittle

  • status changed from reopened to closed.
  • resolution set to wontfix.

06/24/08 13:51:13 changed by fabien

  • milestone deleted.
