barryhughes/nextcloud.sample-nginx-remediation.CVE-2019-11043.patch

## nextcloud.sample-nginx-remediation.CVE-2019-11043.patch
 location / {
-	rewrite ^ /index.php$request_uri;
+	rewrite ^ /index.php;
 }

 location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
  	fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
+	try_files $fastcgi_script_name =404;
  	include fastcgi_params;
 	fastcgi_param SCRIPTFILENAME $document_root$fastcgi_script_name;
 	fastcgi_param PATHINFO $path_info;
 	fastcgi_param HTTPS on;
 	# Avoid sending the security headers twice
 	fastcgi_param modHeadersAvailable true;
 	# Enable pretty urls
 	fastcgi_param front_controller_active true;
 	fastcgi_pass php-handler;
 	fastcgi_intercept_errors on;
 	fastcgi_request_buffering off;
 }
	location / {
	- rewrite ^ /index.php$request_uri;
	+ rewrite ^ /index.php;
	}

	location ~ ^\/(?:index\|remote\|public\|cron\|core\/ajax\/update\|status\|ocs\/v[12]\|updater\/.+\|oc[ms]-provider\/.+)\.php(?:$\|\/) {
	fastcgi_split_path_info ^(.+?\.php)(\/.*\|)$;
	+ try_files $fastcgi_script_name =404;
	include fastcgi_params;
	fastcgi_param SCRIPTFILENAME $document_root$fastcgi_script_name;
	fastcgi_param PATHINFO $path_info;
	fastcgi_param HTTPS on;
	# Avoid sending the security headers twice
	fastcgi_param modHeadersAvailable true;
	# Enable pretty urls
	fastcgi_param front_controller_active true;
	fastcgi_pass php-handler;
	fastcgi_intercept_errors on;
	fastcgi_request_buffering off;
	}