Merge pull request #417 from ZeusWPI/security.txt

Add responsible disclosure policy
2020-11-19 04:53:30 +01:00 · 2020-11-19 04:53:30 +01:00 · f8a286da25
commit f8a286da25
parent b27732cdfc f8a91d45e1
3 changed files with 12 additions and 1 deletions
--- a/4
+++ b/4
@ -235,6 +235,10 @@ route '/**/*.{erb,html,md}' do
  "#{item.identifier.without_ext}/index.html"
 end

+route %r[/well-known/(.+)] do |rest|
+  "/.well-known/" + rest[0]
+end
+
 # Let anything else simply pass through
 passthrough '/**/*'

--- a/content/well-known/security.txt
+++ b/content/well-known/security.txt
@ -0,0 +1,3 @@
+Contact: mailto:admin@zeus.ugent.be
+Preferred-Languages: nl,en
+Policy: https://git.zeus.gent/bestuur/drive/-/blob/master/varia/responsible_disclosure_policy_nl.md
--- a/layouts/partials/_footer.erb
+++ b/layouts/partials/_footer.erb
@ -39,7 +39,11 @@
        <a href="/about/privacy">
          <span class="hidden-xs">Privacy</span>
          <%= fa :'user-secret' %>
-        </a>
+        </a> |
+        <a href="/.well-known/security.txt">
+          <span class="hidden-xs">Responsible Disclosure Policy</span>
+          <%= fa :'lock' %>
+        </a>        
      </p>
    </div>
  </div>