draft "security.txt" spec integration (#1020)
This commit is contained in:
parent
35c2930776
commit
5447516b9a
|
@ -127,6 +127,9 @@ instance:
|
||||||
robots: |
|
robots: |
|
||||||
User-agent: *
|
User-agent: *
|
||||||
Disallow: ''
|
Disallow: ''
|
||||||
|
# Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string.
|
||||||
|
securitytxt:
|
||||||
|
"# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube\nContact: mailto:"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
# Cards configuration to format video in Twitter
|
# Cards configuration to format video in Twitter
|
||||||
|
|
|
@ -141,6 +141,9 @@ instance:
|
||||||
robots: |
|
robots: |
|
||||||
User-agent: *
|
User-agent: *
|
||||||
Disallow: ''
|
Disallow: ''
|
||||||
|
# Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string.
|
||||||
|
securitytxt:
|
||||||
|
"# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube\nContact: mailto:"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
# Cards configuration to format video in Twitter
|
# Cards configuration to format video in Twitter
|
||||||
|
|
|
@ -79,6 +79,21 @@ staticRouter.get('/robots.txt',
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// security.txt service
|
||||||
|
staticRouter.get('/security.txt',
|
||||||
|
(_, res: express.Response) => {
|
||||||
|
return res.redirect(301, '/.well-known/security.txt')
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
staticRouter.get('/.well-known/security.txt',
|
||||||
|
asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.SECURITYTXT)),
|
||||||
|
(_, res: express.Response) => {
|
||||||
|
res.type('text/plain')
|
||||||
|
return res.send(CONFIG.INSTANCE.SECURITYTXT + CONFIG.INSTANCE.SECURITYTXT_CONTACT)
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
// nodeinfo service
|
// nodeinfo service
|
||||||
staticRouter.use('/.well-known/nodeinfo',
|
staticRouter.use('/.well-known/nodeinfo',
|
||||||
asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)),
|
asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.NODEINFO)),
|
||||||
|
|
|
@ -55,7 +55,7 @@ function checkMissedConfig () {
|
||||||
'import.videos.http.enabled', 'import.videos.torrent.enabled',
|
'import.videos.http.enabled', 'import.videos.torrent.enabled',
|
||||||
'trending.videos.interval_days',
|
'trending.videos.interval_days',
|
||||||
'instance.name', 'instance.short_description', 'instance.description', 'instance.terms', 'instance.default_client_route',
|
'instance.name', 'instance.short_description', 'instance.description', 'instance.terms', 'instance.default_client_route',
|
||||||
'instance.default_nsfw_policy', 'instance.robots',
|
'instance.default_nsfw_policy', 'instance.robots', 'instance.securitytxt',
|
||||||
'services.twitter.username', 'services.twitter.whitelisted'
|
'services.twitter.username', 'services.twitter.whitelisted'
|
||||||
]
|
]
|
||||||
const requiredAlternatives = [
|
const requiredAlternatives = [
|
||||||
|
|
|
@ -57,6 +57,7 @@ const OAUTH_LIFETIME = {
|
||||||
const ROUTE_CACHE_LIFETIME = {
|
const ROUTE_CACHE_LIFETIME = {
|
||||||
FEEDS: '15 minutes',
|
FEEDS: '15 minutes',
|
||||||
ROBOTS: '2 hours',
|
ROBOTS: '2 hours',
|
||||||
|
SECURITYTXT: '2 hours',
|
||||||
NODEINFO: '10 minutes',
|
NODEINFO: '10 minutes',
|
||||||
DNT_POLICY: '1 week',
|
DNT_POLICY: '1 week',
|
||||||
OVERVIEWS: {
|
OVERVIEWS: {
|
||||||
|
@ -265,7 +266,9 @@ const CONFIG = {
|
||||||
get JAVASCRIPT () { return config.get<string>('instance.customizations.javascript') },
|
get JAVASCRIPT () { return config.get<string>('instance.customizations.javascript') },
|
||||||
get CSS () { return config.get<string>('instance.customizations.css') }
|
get CSS () { return config.get<string>('instance.customizations.css') }
|
||||||
},
|
},
|
||||||
get ROBOTS () { return config.get<string>('instance.robots') }
|
get ROBOTS () { return config.get<string>('instance.robots') },
|
||||||
|
get SECURITYTXT () { return config.get<string>('instance.securitytxt') },
|
||||||
|
get SECURITYTXT_CONTACT () { return config.get<string>('admin.email') }
|
||||||
},
|
},
|
||||||
SERVICES: {
|
SERVICES: {
|
||||||
TWITTER: {
|
TWITTER: {
|
||||||
|
|
Loading…
Reference in New Issue