interesting
/
PeerTube
mirror of https://github.com/Chocobozzz/PeerTube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Don't display admin email in security.txt

This commit is contained in:
Chocobozzz 2023-08-18 10:35:45 +02:00
parent 3ff44b67ea
commit 822872aacd
No known key found for this signature in database
GPG Key ID: 583A612D890159BE
4 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config/default.yaml
View File

@ -760,8 +760,9 @@ instance:
Disallow:
# /.well-known/security.txt rules. This endpoint is cached, so you may have to wait a few hours before viewing your changes
# To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string
securitytxt:
'# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:'
securitytxt: |
Contact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md
Expires: 2025-12-31T11:00:00.000Z'
services:
# Cards configuration to format video in Twitter

5
config/production.yaml.example
View File

@ -770,8 +770,9 @@ instance:
Disallow:
# /.well-known/security.txt rules. This endpoint is cached, so you may have to wait a few hours before viewing your changes
# To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string
securitytxt:
'# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:'
securitytxt: |
Contact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md
Expires: 2025-12-31T11:00:00.000Z'
services:
# Cards configuration to format video in Twitter

2
server/server/controllers/well-known.ts
View File

@ -27,7 +27,7 @@ wellKnownRouter.get('/.well-known/security.txt',
cacheRoute(ROUTE_CACHE_LIFETIME.SECURITYTXT),
(_, res: express.Response) => {
res.type('text/plain')
return res.send(CONFIG.INSTANCE.SECURITYTXT + CONFIG.INSTANCE.SECURITYTXT_CONTACT)
return res.send(CONFIG.INSTANCE.SECURITYTXT)
}
)

3
server/server/initializers/config.ts
View File

@ -546,8 +546,7 @@ const CONFIG = {
get CSS () { return config.get<string>('instance.customizations.css') }
},
get ROBOTS () { return config.get<string>('instance.robots') },
get SECURITYTXT () { return config.get<string>('instance.securitytxt') },
get SECURITYTXT_CONTACT () { return config.get<string>('admin.email') }
get SECURITYTXT () { return config.get<string>('instance.securitytxt') }
},
SERVICES: {
TWITTER: {