MokoConsulting/MokoGitea-APP
1
0
Fork 0
Code Issues 158 Pull Requests 3 Releases 96 Wiki Activity

fix: opening dot files returns 403 error #580

New Issue
Closed
opened 2026-06-07 18:15:23 +00:00 by jmiller · 1 comment
jmiller commented 2026-06-07 18:15:23 +00:00
Owner
Copy Link
Copy Source

Problem

Viewing files that start with a dot (e.g., .gitignore, .env.example, .mokogitea/manifest.xml) in the web UI returns a 403 Forbidden error.

Root Cause

The nginx config has a rule that denies access to hidden files:

location ~ ^(?!/api/).*(/\.) {
    deny all;
    access_log off;
    log_not_found off;
}

This blocks all paths containing /. except /api/ routes. This was intended to protect .git/ directory access but it also blocks legitimate dot files viewed through the Gitea UI (e.g., /:owner/:repo/src/branch/main/.gitignore).

Fix

Update the nginx regex to exclude Gitea's file browsing routes (/src/, /raw/, /media/) in addition to /api/.

## Problem Viewing files that start with a dot (e.g., `.gitignore`, `.env.example`, `.mokogitea/manifest.xml`) in the web UI returns a 403 Forbidden error. ## Root Cause The nginx config has a rule that denies access to hidden files: ```nginx location ~ ^(?!/api/).*(/\.) { deny all; access_log off; log_not_found off; } ``` This blocks all paths containing `/.` except `/api/` routes. This was intended to protect `.git/` directory access but it also blocks legitimate dot files viewed through the Gitea UI (e.g., `/:owner/:repo/src/branch/main/.gitignore`). ## Fix Update the nginx regex to exclude Gitea's file browsing routes (`/src/`, `/raw/`, `/media/`) in addition to `/api/`.
jmiller commented 2026-06-07 18:15:29 +00:00
Author
Owner
Copy Link
Copy Source

Branch created: feature/580-fix-opening-dot-files-returns-403-error

git fetch origin
git checkout feature/580-fix-opening-dot-files-returns-403-error
Branch created: [`feature/580-fix-opening-dot-files-returns-403-error`](https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/src/branch/feature/580-fix-opening-dot-files-returns-403-error) ```bash git fetch origin git checkout feature/580-fix-opening-dot-files-returns-403-error ```
Sign in to join this conversation.
Labels
Clear labels
breaking-change
Breaking API or behavior change
 ci-cd
CI/CD pipeline changes
 config
Configuration changes
 dependencies
Dependency updates
 deploy-failure
Deployment failed
 docker
Docker/container changes
 documentation
Documentation changes
 good first issue
Good for newcomers
 health-check
Repo health check result
 help wanted
Extra attention needed
 mokostandards
Related to MokoStandards framework
 push-failure
Git push operation failed
 security
Security vulnerability or hardening
 size/l
200-500 lines changed
 size/m
50-200 lines changed
 size/s
10-50 lines changed
 size/xl
500+ lines changed
 size/xs
< 10 lines changed
 standards-drift
Deviates from MokoStandards
 standards-update
MokoStandards compliance update
 sync-failure
Sync or mirror failed
 tech-debt
Technical debt and TODO/FIXME items
 upstream
upstream
Inherited from upstream Gitea
 work-in-progress
Draft or incomplete work
No labels
Priority -
Type -
Status
Priority
Type
Milestone
No items
No Milestone
Assignees
Clear assignees
jmiller (Jonathan Miller) moko-deploy (Moko Deploy Bot)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoGitea-APP#580
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?