From 9a04d0c58e62cc2421f64e7a0d9321d61e840c5c Mon Sep 17 00:00:00 2001 From: "Robert C. Maehl" Date: Wed, 28 Jun 2023 23:10:13 -0400 Subject: [PATCH] Add Security.txt (#1408) * Create security-handler.ts https://securitytxt.org/ * Add SecurityHandler * Update security-handler.ts * Update index.tsx * Ensure external domain.tld is used --------- Co-authored-by: SleeplessOne1917
---
 src/server/handlers/security-handler.ts | 11 +++++++++++
 src/server/index.tsx | 2 ++
 2 files changed, 13 insertions(+)
 create mode 100644 src/server/handlers/security-handler.ts
diff --git a/src/server/handlers/security-handler.ts b/src/server/handlers/security-handler.ts
new file mode 100644
index 00000000..ceece139
--- /dev/null
+++ b/src/server/handlers/security-handler.ts
@@ -0,0 +1,11 @@
+import type { Response } from "express";
+
+export default async ({ res }: { res: Response }) => {
+ res.setHeader("content-type", "text/plain; charset=utf-8");
+
+ res.send(`Contact: mailto:security@lemmy.ml
+ Contact: mailto:admin@` + process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST + `
+ Contact: mailto:security@` + process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST + `
+ Expires: 2024-01-01T04:59:00.000Z
+ `);
+};
diff --git a/src/server/index.tsx b/src/server/index.tsx
index aed8bca7..e8966418 100644
--- a/src/server/index.tsx
+++ b/src/server/index.tsx
@@ -4,6 +4,7 @@ import path from "path";
 import process from "process";
 import CatchAllHandler from "./handlers/catch-all-handler";
 import ManifestHandler from "./handlers/manifest-handler";
+import SecurityHandler from "./handlers/security-handler";
 import RobotsHandler from "./handlers/robots-handler";
 import ServiceWorkerHandler from "./handlers/service-worker-handler";
 import ThemeHandler from "./handlers/theme-handler";
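Review bot: The `Expires: 2024-01-01T04:59:00.000Z` line in security-handler.ts is a fixed date, so once it passes every deployment that has not picked up a newer build serves a security.txt that readers are expected to treat as stale; the value should be computed when the response is built. The two instance contacts are concatenated straight from `process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST`, which produces `mailto:admin@undefined` when the variable is unset and, if the value carries a port, an address that is not a valid mailbox. The continuation lines of the template literal begin with whitespace (the amount is not recoverable in this view), so the served fields do not start at the beginning of the line; building the body from an array of lines avoids that. It is also worth confirming that operators want `security@lemmy.ml` advertised on their own instance, since reports about instance-specific issues would then reach a third party.

```typescript
export default async ({ res }: { res: Response }) => {
  // … unchanged: content-type header …
  const host = process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST;
  // Example validity window; pick what the project is willing to maintain.
  const expires = new Date(Date.now() + 180 * 24 * 60 * 60 * 1000).toISOString();
  const lines = [
    "Contact: mailto:security@lemmy.ml",
    // Skip the instance contacts when the host is not configured.
    ...(host
      ? [`Contact: mailto:admin@${host}`, `Contact: mailto:security@${host}`]
      : []),
    `Expires: ${expires}`,
  ];
  res.send(lines.join("\n") + "\n");
};
```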
@@ -25,6 +26,7 @@ if (!process.env["LEMMY_UI_DISABLE_CSP"] && !process.env["LEMMY_UI_DEBUG"]) { server.use(setDefaultCsp); } +server.get("/.well-known/security.txt", SecurityHandler); server.get("/robots.txt", RobotsHandler); server.get("/service-worker.js", ServiceWorkerHandler); server.get("/manifest.webmanifest", ManifestHandler);