Revert "Issue #2463967 by Darren Oh, tunic, andypost, alexpott, quietone, mstrelan, longwave: Add PHP settings to .user.ini"

This reverts commit de1a11ea78.

.htaccess

@@ -1,9 +1,9 @@
 #
-# Apache/mod_php/Drupal settings:
+# Apache/PHP/Drupal settings:
 #
 
 # Protect files and directories from prying eyes.
-<FilesMatch "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config|yarn\.lock|package\.json|\.user\.ini)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$">
+<FilesMatch "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config|yarn\.lock|package\.json)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$">
   <IfModule mod_authz_core.c>
     Require all denied
   </IfModule>
@@ -24,11 +24,8 @@ AddEncoding gzip svgz
 
 # Most of the following PHP settings cannot be changed at runtime. See
 # sites/default/default.settings.php and
-# Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be changed
-# at runtime.
-#
-# PHP only reads settings from this file if it is running as an Apache module.
-# If PHP is running as a CGI script, see .user.ini.
+# Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be
+# changed at runtime.
 <IfModule mod_php.c>
   php_value assert.active                   0
 </IfModule>

.user.ini

@@ -1,10 +0,0 @@
-; Most of the following PHP settings cannot be changed at runtime. See
-; sites/default/default.settings.php and
-; Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be changed
-; at runtime.
-;
-; PHP only reads settings from this file if it is running as a CGI script. If
-; PHP is running as an Apache module, see .htaccess.
-
-; Disable PHP assertions.
-assert.active = 0

composer.lock

@@ -495,7 +495,7 @@
             "dist": {
                 "type": "path",
                 "url": "core",
-                "reference": "436f1c4b149b110c60db014909edf6ff2e6fc9f9"
+                "reference": "cc2af7de02a19bfde449293a84468f5fb1e33cea"
             },
             "require": {
                 "asm89/stack-cors": "^2.1",
@@ -585,7 +585,6 @@
                         "[web-root]/.eslintrc.json": "assets/scaffold/files/eslintrc.json",
                         "[web-root]/.ht.router.php": "assets/scaffold/files/ht.router.php",
                         "[web-root]/.htaccess": "assets/scaffold/files/htaccess",
-                        "[web-root]/.user.ini": "assets/scaffold/files/user.ini",
                         "[web-root]/example.gitignore": "assets/scaffold/files/example.gitignore",
                         "[web-root]/index.php": "assets/scaffold/files/index.php",
                         "[web-root]/INSTALL.txt": "assets/scaffold/files/drupal.INSTALL.txt",

core/assets/scaffold/files/htaccess

@@ -1,9 +1,9 @@
 #
-# Apache/mod_php/Drupal settings:
+# Apache/PHP/Drupal settings:
 #
 
 # Protect files and directories from prying eyes.
-<FilesMatch "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config|yarn\.lock|package\.json|\.user\.ini)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$">
+<FilesMatch "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config|yarn\.lock|package\.json)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$">
   <IfModule mod_authz_core.c>
     Require all denied
   </IfModule>
@@ -24,11 +24,8 @@ AddEncoding gzip svgz
 
 # Most of the following PHP settings cannot be changed at runtime. See
 # sites/default/default.settings.php and
-# Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be changed
-# at runtime.
-#
-# PHP only reads settings from this file if it is running as an Apache module.
-# If PHP is running as a CGI script, see .user.ini.
+# Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be
+# changed at runtime.
 <IfModule mod_php.c>
   php_value assert.active                   0
 </IfModule>

core/assets/scaffold/files/user.ini

@@ -1,10 +0,0 @@
-; Most of the following PHP settings cannot be changed at runtime. See
-; sites/default/default.settings.php and
-; Drupal\Core\DrupalKernel::bootEnvironment() for settings that can be changed
-; at runtime.
-;
-; PHP only reads settings from this file if it is running as a CGI script. If
-; PHP is running as an Apache module, see .htaccess.
-
-; Disable PHP assertions.
-assert.active = 0

core/assets/scaffold/files/web.config

@@ -22,7 +22,7 @@
     <rewrite>
       <rules>
         <rule name="Protect files and directories from prying eyes" stopProcessing="true">
-          <match url="\.(engine|inc|install|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format|composer\.(json|lock)|\.htaccess|yarn.lock|package.json|.user.ini)$" />
+          <match url="\.(engine|inc|install|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format|composer\.(json|lock)|\.htaccess|yarn.lock|package.json)$" />
           <action type="CustomResponse" statusCode="403" subStatusCode="0" statusReason="Forbidden" statusDescription="Access is forbidden." />
         </rule>
 

core/composer.json

@@ -127,7 +127,6 @@
                 "[web-root]/.eslintrc.json": "assets/scaffold/files/eslintrc.json",
                 "[web-root]/.ht.router.php": "assets/scaffold/files/ht.router.php",
                 "[web-root]/.htaccess": "assets/scaffold/files/htaccess",
-                "[web-root]/.user.ini": "assets/scaffold/files/user.ini",
                 "[web-root]/example.gitignore": "assets/scaffold/files/example.gitignore",
                 "[web-root]/index.php": "assets/scaffold/files/index.php",
                 "[web-root]/INSTALL.txt": "assets/scaffold/files/drupal.INSTALL.txt",

core/modules/system/tests/src/Functional/System/HtaccessTest.php

@@ -98,7 +98,6 @@ class HtaccessTest extends BrowserTestBase {
     // Ensure web server configuration files cannot be accessed.
     $file_paths["$path/.htaccess"] = 403;
     $file_paths["$path/web.config"] = 403;
-    $file_paths["$path/.user.ini"] = 403;
 
     return $file_paths;
   }

web.config

@@ -22,7 +22,7 @@
     <rewrite>
       <rules>
         <rule name="Protect files and directories from prying eyes" stopProcessing="true">
-          <match url="\.(engine|inc|install|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format|composer\.(json|lock)|\.htaccess|yarn.lock|package.json|.user.ini)$" />
+          <match url="\.(engine|inc|install|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format|composer\.(json|lock)|\.htaccess|yarn.lock|package.json)$" />
           <action type="CustomResponse" statusCode="403" subStatusCode="0" statusReason="Forbidden" statusDescription="Access is forbidden." />
         </rule>