From 8a2434eb44514b3fa2bf2d5e069471960cda8414 Mon Sep 17 00:00:00 2001
From: ljf
Date: Wed, 17 Jan 2018 17:19:06 +0100
Subject: [PATCH 1/3] [fix] Nginx traversal issue
---
 data/templates/nginx/plain/yunohost_admin.conf.inc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/data/templates/nginx/plain/yunohost_admin.conf.inc b/data/templates/nginx/plain/yunohost_admin.conf.inc
index b0ab4cef6..92e1e0ccf 100644
--- a/data/templates/nginx/plain/yunohost_admin.conf.inc
+++ b/data/templates/nginx/plain/yunohost_admin.conf.inc
@@ -1,4 +1,6 @@
-location /yunohost/admin {
+# Fix the nginx traversal weak ( #1034 )
+rewrite ^/yunohost/admin$ /yunohost/admin/ permanent;
+location /yunohost/admin/ {
 alias /usr/share/yunohost/admin/;
 default_type text/html;
 index index.html;
From 5cf6895ba20a34268b7d51a8bb2177549bd5809b Mon Sep 17 00:00:00 2001
From: ljf
Date: Wed, 17 Jan 2018 17:22:13 +0100
Subject: [PATCH 2/3] [fix] Bad issue number in a comment
---
 data/templates/nginx/plain/yunohost_admin.conf.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/data/templates/nginx/plain/yunohost_admin.conf.inc b/data/templates/nginx/plain/yunohost_admin.conf.inc
index 92e1e0ccf..f516a9d4b 100644
--- a/data/templates/nginx/plain/yunohost_admin.conf.inc
+++ b/data/templates/nginx/plain/yunohost_admin.conf.inc
@@ -1,4 +1,4 @@
-# Fix the nginx traversal weak ( #1034 )
+# Fix the nginx traversal weak ( #1037 )
 rewrite ^/yunohost/admin$ /yunohost/admin/ permanent;
 location /yunohost/admin/ {
 alias /usr/share/yunohost/admin/;
From 6f2acb7eb6a9ebb54837bac017eecd512d49a32d Mon Sep 17 00:00:00 2001
From: Alexandre Aubin
Date: Thu, 18 Jan 2018 21:10:08 +0100
Subject: [PATCH 3/3] Wording
---
 data/templates/nginx/plain/yunohost_admin.conf.inc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/data/templates/nginx/plain/yunohost_admin.conf.inc b/data/templates/nginx/plain/yunohost_admin.conf.inc
index f516a9d4b..2ab72293d 100644
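Review bot: In [PATCH 1/3], the comment added above `rewrite` cites an issue number but does not record the rule the fix depends on: a prefix `location` that uses `alias` must end in `/` whenever the alias path does, otherwise a request path can resolve to files outside the aliased directory. I would state that in the comment, e.g. `# Keep the trailing "/" on both the location prefix and the alias path; dropping it from the location reopens the alias traversal.`, so a later edit to this template does not undo the fix. The server-level `rewrite` could also be written as `location = /yunohost/admin { return 301 /yunohost/admin/; }`, which avoids testing a regex on every request, though unlike `rewrite` it would not carry the query string over. Other `location`/`alias` pairs in the nginx templates are not visible in this patch and are worth checking for the same mismatch; the `location` block itself closes outside the hunk.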
--- a/data/templates/nginx/plain/yunohost_admin.conf.inc
+++ b/data/templates/nginx/plain/yunohost_admin.conf.inc
@@ -1,5 +1,6 @@
-# Fix the nginx traversal weak ( #1037 )
+# Avoid the nginx path/alias traversal weakness ( #1037 )
 rewrite ^/yunohost/admin$ /yunohost/admin/ permanent;
+
 location /yunohost/admin/ {
 alias /usr/share/yunohost/admin/;
 default_type text/html;