authorAustin Heap <me@austinheap.com>2018-09-06 05:23:46 -0700
committerRigel Kent <par@rigelk.eu>2018-09-06 14:23:46 +0200
commit5447516b9a87725a6f8c55ec7e4ea1c1be839ee6 (patch)
treebb73829e0b2c179e717ff491c75d074ed38bb0e5
parent35c29307767ac773eaab5054071c7df0555effcb (diff)
draft "security.txt" spec integration (#1020)
-rw-r--r--config/default.yaml3
-rw-r--r--config/production.yaml.example3
-rw-r--r--server/controllers/static.ts15
-rw-r--r--server/initializers/checker.ts2
-rw-r--r--server/initializers/constants.ts5
5 files changed, 26 insertions, 2 deletions
diff --git a/config/default.yaml b/config/default.yaml
index 254fa0c99..e95fa3ec7 100644
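--- a/config/default.yaml
+++ b/config/default.yaml
@@ -127,6 +127,9 @@ instance:
  robots: |
  User-agent: *
  Disallow: ''
+ # Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string.
+ securitytxt:
+ "# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube\nContact: mailto:"
 
 services:
  # Cards configuration to format video in Twitter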
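Review bot: The comment above `securitytxt` does not say that the server appends `admin.email` to this value, which is why the default ends in a dangling `Contact: mailto:`. An operator who rewrites the text without that suffix gets the address glued onto whatever the last line is, and one who sets the empty string, as the comment suggests, still has the address appended by the handler in server/controllers/static.ts. I would add `# The value of admin.email is appended to this string, so keep "Contact: mailto:" as its last line.` The same applies to the identical hunk in config/production.yaml.example.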
diff --git a/config/production.yaml.example b/config/production.yaml.example
index e33427fae..edc774e6b 100644
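--- a/config/production.yaml.example
+++ b/config/production.yaml.example
@@ -141,6 +141,9 @@ instance:
  robots: |
  User-agent: *
  Disallow: ''
+ # Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string.
+ securitytxt:
+ "# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube\nContact: mailto:"
 
 services:
  # Cards configuration to format video in Twitter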
diff --git a/server/controllers/static.ts b/server/controllers/static.ts
index df31c3134..63f78b3b3 100644
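--- a/server/controllers/static.ts
+++ b/server/controllers/static.ts
@@ -79,6 +79,21 @@ staticRouter.get('/robots.txt',
  }
 )
 
+// security.txt service
+staticRouter.get('/security.txt',
+ (_, res: express.Response) => {
+ return res.redirect(301, '/.well-known/security.txt')
+ }
+)
+
+staticRouter.get('/.well-known/security.txt',
+ asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.SECURITYTXT)),
+ (_, res: express.Response) => {
+ res.type('text/plain')
+ return res.send(CONFIG.INSTANCE.SECURITYTXT + CONFIG.INSTANCE.SECURITYTXT_CONTACT)
+ }
+)
+
 // nodeinfo service
 staticRouter.use('/.well-known/nodeinfo',
  asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)),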
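Review bot: The `/.well-known/security.txt` handler always sends `CONFIG.INSTANCE.SECURITYTXT + CONFIG.INSTANCE.SECURITYTXT_CONTACT`, so setting `securitytxt` to an empty string (the opt-out documented in config/default.yaml) still returns 200 with the bare admin e-mail address as the body. A guard before `res.type` would make the opt-out real: `if (!CONFIG.INSTANCE.SECURITYTXT) return res.sendStatus(404)`. The plain concatenation also only yields a valid `Contact:` line when the configured text ends in `mailto:`. Building that line in the handler, or checking the suffix at startup, would avoid a malformed file after an operator customizes the text.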
diff --git a/server/initializers/checker.ts b/server/initializers/checker.ts
index 3cc6268cf..9dd104035 100644
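--- a/server/initializers/checker.ts
+++ b/server/initializers/checker.ts
@@ -55,7 +55,7 @@ function checkMissedConfig () {
  'import.videos.http.enabled', 'import.videos.torrent.enabled',
  'trending.videos.interval_days',
  'instance.name', 'instance.short_description', 'instance.description', 'instance.terms', 'instance.default_client_route',
- 'instance.default_nsfw_policy', 'instance.robots',
+ 'instance.default_nsfw_policy', 'instance.robots', 'instance.securitytxt',
  'services.twitter.username', 'services.twitter.whitelisted'
  ]
  const requiredAlternatives = [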
diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts
index ba8b9b6ed..5b7ea5d6c 100644
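--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -57,6 +57,7 @@ const OAUTH_LIFETIME = {
 const ROUTE_CACHE_LIFETIME = {
  FEEDS: '15 minutes',
  ROBOTS: '2 hours',
+ SECURITYTXT: '2 hours',
  NODEINFO: '10 minutes',
  DNT_POLICY: '1 week',
  OVERVIEWS: {
@@ -265,7 +266,9 @@ const CONFIG = {
  get JAVASCRIPT () { return config.get<string>('instance.customizations.javascript') },
  get CSS () { return config.get<string>('instance.customizations.css') }
  },
- get ROBOTS () { return config.get<string>('instance.robots') }
+ get ROBOTS () { return config.get<string>('instance.robots') },
+ get SECURITYTXT () { return config.get<string>('instance.securitytxt') },
+ get SECURITYTXT_CONTACT () { return config.get<string>('admin.email') }
  },
  SERVICES: {
  TWITTER: {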
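Review bot: `SECURITYTXT_CONTACT` in the second hunk sits under `INSTANCE` but reads `admin.email`, and nothing at the getter says that this value ends up in a public, unauthenticated response. A one-line comment such as `// admin.email is published verbatim in /.well-known/security.txt` would make that visible to anyone who later changes either setting. If the `CONFIG` object already exposes the admin address elsewhere (not visible in this hunk), reusing that getter would avoid two accessors for one key. The `CONFIG` object starts and ends outside the hunk.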