[TYPO3-core] RFC #11369: jumpUrl should only allow files matching fileDenyPattern

[Oliver Hader]

Hi Michael,

Michael Stucki schrieb:
> Attached is a new version which implements a suggestion by Olly to
> disallow access also if the parent directory name is "typo3conf". This
> assures that also backups (*~ etc.) of localconf.php - which we consider
> most delicate - are also unaccessible.

Thanks! +1 on reading - I'm going to test in some minutes...

olly
-- 
Oliver Hader
TYPO3 Release Manager 4.3