From 5447516b9a87725a6f8c55ec7e4ea1c1be839ee6 Mon Sep 17 00:00:00 2001 From: Austin Heap Date: Thu, 6 Sep 2018 05:23:46 -0700 Subject: draft "security.txt" spec integration (#1020) --- server/controllers/static.ts | 15 +++++++++++++++ server/initializers/checker.ts | 2 +- server/initializers/constants.ts | 5 ++++- 3 files changed, 20 insertions(+), 2 deletions(-) (limited to 'server') diff --git a/server/controllers/static.ts b/server/controllers/static.ts index df31c3134..63f78b3b3 100644 --- a/server/controllers/static.ts +++ b/server/controllers/static.ts @@ -79,6 +79,21 @@ staticRouter.get('/robots.txt', } ) +// security.txt service +staticRouter.get('/security.txt', + (_, res: express.Response) => { + return res.redirect(301, '/.well-known/security.txt') + } +) + +staticRouter.get('/.well-known/security.txt', + asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.SECURITYTXT)), + (_, res: express.Response) => { + res.type('text/plain') + return res.send(CONFIG.INSTANCE.SECURITYTXT + CONFIG.INSTANCE.SECURITYTXT_CONTACT) + } +) + // nodeinfo service staticRouter.use('/.well-known/nodeinfo', asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)), diff --git a/server/initializers/checker.ts b/server/initializers/checker.ts index 3cc6268cf..9dd104035 100644 --- a/server/initializers/checker.ts +++ b/server/initializers/checker.ts @@ -55,7 +55,7 @@ function checkMissedConfig () { 'import.videos.http.enabled', 'import.videos.torrent.enabled', 'trending.videos.interval_days', 'instance.name', 'instance.short_description', 'instance.description', 'instance.terms', 'instance.default_client_route', - 'instance.default_nsfw_policy', 'instance.robots', + 'instance.default_nsfw_policy', 'instance.robots', 'instance.securitytxt', 'services.twitter.username', 'services.twitter.whitelisted' ] const requiredAlternatives = [ diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts index ba8b9b6ed..5b7ea5d6c 100644 --- a/server/initializers/constants.ts +++ b/server/initializers/constants.ts @@ -57,6 +57,7 @@ const OAUTH_LIFETIME = { const ROUTE_CACHE_LIFETIME = { FEEDS: '15 minutes', ROBOTS: '2 hours', + SECURITYTXT: '2 hours', NODEINFO: '10 minutes', DNT_POLICY: '1 week', OVERVIEWS: { @@ -265,7 +266,9 @@ const CONFIG = { get JAVASCRIPT () { return config.get('instance.customizations.javascript') }, get CSS () { return config.get('instance.customizations.css') } }, - get ROBOTS () { return config.get('instance.robots') } + get ROBOTS () { return config.get('instance.robots') }, + get SECURITYTXT () { return config.get('instance.securitytxt') }, + get SECURITYTXT_CONTACT () { return config.get('admin.email') } }, SERVICES: { TWITTER: { -- cgit v1.2.3