X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fcontrollers%2Fstatic.ts;h=63f78b3b3e11799bdbebe1a57467ac1975aa3081;hb=860cfb31e343f2317416da738f7155803ef4fe75;hp=f10427f3e2048722ac2029a07f4b55cf9a2b0332;hpb=98d3324db3b1c345fc30e5dbcef3b1e11169867e;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/controllers/static.ts b/server/controllers/static.ts index f10427f3e..63f78b3b3 100644 --- a/server/controllers/static.ts +++ b/server/controllers/static.ts @@ -1,6 +1,7 @@ import * as cors from 'cors' +import { createReadStream } from 'fs-extra' import * as express from 'express' -import { CONFIG, STATIC_DOWNLOAD_PATHS, STATIC_MAX_AGE, STATIC_PATHS, ROUTE_CACHE_LIFETIME } from '../initializers' +import { CONFIG, ROUTE_CACHE_LIFETIME, STATIC_DOWNLOAD_PATHS, STATIC_MAX_AGE, STATIC_PATHS } from '../initializers' import { VideosPreviewCache } from '../lib/cache' import { cacheRoute } from '../middlewares/cache' import { asyncMiddleware, videosGetValidator } from '../middlewares' @@ -8,7 +9,7 @@ import { VideoModel } from '../models/video/video' import { VideosCaptionCache } from '../lib/cache/videos-caption-cache' import { UserModel } from '../models/account/user' import { VideoCommentModel } from '../models/video/video-comment' -import { HttpNodeinfoDiasporaSoftwareNsSchema20 } from '../models/nodeinfo' +import { HttpNodeinfoDiasporaSoftwareNsSchema20 } from '../../shared/models/nodeinfo' const packageJSON = require('../../../package.json') const staticRouter = express.Router() @@ -48,13 +49,13 @@ staticRouter.use( const thumbnailsPhysicalPath = CONFIG.STORAGE.THUMBNAILS_DIR staticRouter.use( STATIC_PATHS.THUMBNAILS, - express.static(thumbnailsPhysicalPath, { maxAge: STATIC_MAX_AGE }) + express.static(thumbnailsPhysicalPath, { maxAge: STATIC_MAX_AGE, fallthrough: false }) // 404 if the file does not exist ) const avatarsPhysicalPath = CONFIG.STORAGE.AVATARS_DIR staticRouter.use( STATIC_PATHS.AVATARS, - express.static(avatarsPhysicalPath, { maxAge: STATIC_MAX_AGE }) + express.static(avatarsPhysicalPath, { maxAge: STATIC_MAX_AGE, fallthrough: false }) // 404 if the file does not exist ) // We don't have video previews, fetch them from the origin instance @@ -78,6 +79,21 @@ staticRouter.get('/robots.txt', } ) +// security.txt service +staticRouter.get('/security.txt', + (_, res: express.Response) => { + return res.redirect(301, '/.well-known/security.txt') + } +) + +staticRouter.get('/.well-known/security.txt', + asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.SECURITYTXT)), + (_, res: express.Response) => { + res.type('text/plain') + return res.send(CONFIG.INSTANCE.SECURITYTXT + CONFIG.INSTANCE.SECURITYTXT_CONTACT) + } +) + // nodeinfo service staticRouter.use('/.well-known/nodeinfo', asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)), @@ -93,10 +109,26 @@ staticRouter.use('/.well-known/nodeinfo', } ) staticRouter.use('/nodeinfo/:version.json', - // asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)), + asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)), asyncMiddleware(generateNodeinfo) ) +// dnt-policy.txt service (see https://www.eff.org/dnt-policy) +staticRouter.use('/.well-known/dnt-policy.txt', + asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.DNT_POLICY)), + (_, res: express.Response) => { + res.type('text/plain') + createReadStream('./server/static/dnt-policy/dnt-policy-1.0.txt').pipe(res) + } +) + +// dnt service (see https://www.w3.org/TR/tracking-dnt/#status-resource) +staticRouter.use('/.well-known/dnt/', + (_, res: express.Response) => { + res.json({ tracking: 'N' }) + } +) + // --------------------------------------------------------------------------- export {