import * as cors from 'cors'
import * as express from 'express'
-import { CONFIG, STATIC_DOWNLOAD_PATHS, STATIC_MAX_AGE, STATIC_PATHS, ROUTE_CACHE_LIFETIME } from '../initializers'
+import { CONFIG, ROUTE_CACHE_LIFETIME, STATIC_DOWNLOAD_PATHS, STATIC_MAX_AGE, STATIC_PATHS } from '../initializers'
import { VideosPreviewCache } from '../lib/cache'
import { cacheRoute } from '../middlewares/cache'
import { asyncMiddleware, videosGetValidator } from '../middlewares'
import { VideosCaptionCache } from '../lib/cache/videos-caption-cache'
import { UserModel } from '../models/account/user'
import { VideoCommentModel } from '../models/video/video-comment'
-import { HttpNodeinfoDiasporaSoftwareNsSchema20 } from '../models/nodeinfo'
+import { HttpNodeinfoDiasporaSoftwareNsSchema20 } from '../../shared/models/nodeinfo'
+import { join } from 'path'
+import { root } from '../helpers/core-utils'
const packageJSON = require('../../../package.json')
const staticRouter = express.Router()
const thumbnailsPhysicalPath = CONFIG.STORAGE.THUMBNAILS_DIR
staticRouter.use(
STATIC_PATHS.THUMBNAILS,
- express.static(thumbnailsPhysicalPath, { maxAge: STATIC_MAX_AGE })
+ express.static(thumbnailsPhysicalPath, { maxAge: STATIC_MAX_AGE, fallthrough: false }) // 404 if the file does not exist
)
const avatarsPhysicalPath = CONFIG.STORAGE.AVATARS_DIR
staticRouter.use(
STATIC_PATHS.AVATARS,
- express.static(avatarsPhysicalPath, { maxAge: STATIC_MAX_AGE })
+ express.static(avatarsPhysicalPath, { maxAge: STATIC_MAX_AGE, fallthrough: false }) // 404 if the file does not exist
)
// We don't have video previews, fetch them from the origin instance
}
)
+// security.txt service
+staticRouter.get('/security.txt',
+ (_, res: express.Response) => {
+ return res.redirect(301, '/.well-known/security.txt')
+ }
+)
+
+staticRouter.get('/.well-known/security.txt',
+ asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.SECURITYTXT)),
+ (_, res: express.Response) => {
+ res.type('text/plain')
+ return res.send(CONFIG.INSTANCE.SECURITYTXT + CONFIG.INSTANCE.SECURITYTXT_CONTACT)
+ }
+)
+
// nodeinfo service
staticRouter.use('/.well-known/nodeinfo',
asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)),
}
)
staticRouter.use('/nodeinfo/:version.json',
- // asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)),
+ asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)),
asyncMiddleware(generateNodeinfo)
)
+// dnt-policy.txt service (see https://www.eff.org/dnt-policy)
+staticRouter.use('/.well-known/dnt-policy.txt',
+ asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.DNT_POLICY)),
+ (_, res: express.Response) => {
+ res.type('text/plain')
+
+ return res.sendFile(join(root(), 'dist/server/static/dnt-policy/dnt-policy-1.0.txt'))
+ }
+)
+
+// dnt service (see https://www.w3.org/TR/tracking-dnt/#status-resource)
+staticRouter.use('/.well-known/dnt/',
+ (_, res: express.Response) => {
+ res.json({ tracking: 'N' })
+ }
+)
+
// ---------------------------------------------------------------------------
export {