Add Security.txt (#1408)

* Create security-handler.ts

https://securitytxt.org/

* Add SecurityHandler

* Update security-handler.ts

* Update index.tsx

* Ensure external domain.tld is used

---------

Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>
This commit is contained in:
Robert C. Maehl 2023-06-28 23:10:13 -04:00 committed by GitHub
parent a2716d5f48
commit 9a04d0c58e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 0 deletions

View file

@ -0,0 +1,11 @@
import type { Response } from "express";
export default async ({ res }: { res: Response }) => {
res.setHeader("content-type", "text/plain; charset=utf-8");
res.send(`Contact: mailto:security@lemmy.ml
Contact: mailto:admin@` + process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST + `
Contact: mailto:security@` + process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST + `
Expires: 2024-01-01T04:59:00.000Z
`);
};

View file

@ -4,6 +4,7 @@ import path from "path";
import process from "process";
import CatchAllHandler from "./handlers/catch-all-handler";
import ManifestHandler from "./handlers/manifest-handler";
import SecurityHandler from "./handlers/security-handler";
import RobotsHandler from "./handlers/robots-handler";
import ServiceWorkerHandler from "./handlers/service-worker-handler";
import ThemeHandler from "./handlers/theme-handler";
@ -25,6 +26,7 @@ if (!process.env["LEMMY_UI_DISABLE_CSP"] && !process.env["LEMMY_UI_DEBUG"]) {
server.use(setDefaultCsp);
}
server.get("/.well-known/security.txt", SecurityHandler);
server.get("/robots.txt", RobotsHandler);
server.get("/service-worker.js", ServiceWorkerHandler);
server.get("/manifest.webmanifest", ManifestHandler);