Details
-
New Feature
-
Status: Development in progress
-
Minor
-
Resolution: Unresolved
-
3.11, 4.0
-
None
-
MOODLE_311_STABLE, MOODLE_400_STABLE
-
MDL-69958-well-known-password
-
Description
There is a growing number of things that get put into /.well-known/ some of which would be considered OS level things, like LetsEncrypt, and others which would be application level concerns. A simple example might be support for
/.well-known/change-password
which specifically for moodle should redirect to: /login/change_password.php
https://w3c.github.io/webappsec-change-password-url/
So we need a generic way for moodle to intercept some but not all of these routes and let nginx or apache handle some, and a way for core and plugins to add arbitrary new url routes into .well-known to support any emerging new specs
Attachments
Issue Links
- has been marked as being related by
-
MDL-69333 Reduce ability to fingerprint a server with a htaccess-dist / nginx file / docs
-
- Closed
-
- will be (partly) resolved by
-
MDL-56041 Cleanup custom 404 page and more easily support custom 50x error pages
-
- Closed
-
- will help resolve
-
MDL-69732 Manifest file /.well-known/badgeconnect.json is ignored by OBv2.1
-
- Closed
-