From 8bc06372a3adb235c7e830e8e3659eb5528e261e Mon Sep 17 00:00:00 2001
From: William Chang <48861800+WilliamChang80@users.noreply.github.com>
Date: Thu, 22 Oct 2020 22:45:11 +0700
Subject: [PATCH] Add security.txt (#181)

* Add security.txt

* Add security.txt

* Update website.conf

* Update security label

* Add eslint linebreak for windows

* Removed backwards compability security.txt encryption

* Update .eslintrc.js

* Update security component

* Change location redirect on security.txt to absolute path

* Moved security.txt config into security.conf
---
 .../generators/conf/security.conf.js          | 13 ++++++
 .../templates/global_sections/security.vue    | 43 +++++++++++++++++++
 2 files changed, 56 insertions(+)

diff --git a/src/nginxconfig/generators/conf/security.conf.js b/src/nginxconfig/generators/conf/security.conf.js
index f7d7357..f82d1d8 100644
--- a/src/nginxconfig/generators/conf/security.conf.js
+++ b/src/nginxconfig/generators/conf/security.conf.js
@@ -50,6 +50,19 @@ export default (domains, global) => {
         deny: 'all',
     }]);
 
+    // Security.txt
+    if (global.security.securityTxt.computed) {
+        config.push(['# security.txt', '']);
+        config.push(['location /security.txt', {
+            return: '301 /.well-known/security.txt',
+        }]);
+        
+        // Custom security.txt path
+        config.push(['location = /.well-known/security.txt', {
+            alias: `${global.security.securityTxtPath.value}`,
+        }]);
+    }
+
     // Done!
     return config;
 };
diff --git a/src/nginxconfig/templates/global_sections/security.vue b/src/nginxconfig/templates/global_sections/security.vue
index 33ed2f5..9e4b86a 100644
--- a/src/nginxconfig/templates/global_sections/security.vue
+++ b/src/nginxconfig/templates/global_sections/security.vue
@@ -102,6 +102,41 @@ THE SOFTWARE.
                 </div>
             </div>
         </div>
+
+        <div class="field is-horizontal">
+            <div class="field-label">
+                <label class="label">security.txt</label>
+            </div>
+            <div class="field-body">
+                <div class="field">
+                    <div :class="`control${securityTxt ? ' is-changed' : ''}`">
+                        <div class="checkbox">
+                            <PrettyCheck v-model="securityTxt" class="p-default p-curve p-fill p-icon">
+                                <i slot="extra" class="icon fas fa-check"></i>
+                                {{ i18n.common.enable }}
+                            </PrettyCheck>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+
+        <div v-if="$props.data.securityTxt.computed" class="field is-horizontal">
+            <div class="field-label">
+                <label class="label">security.txt path</label>
+            </div>
+            <div class="field-body">
+                <div class="field">
+                    <div :class="`control${securityTxtChanged ? ' is-changed' : ''}`">
+                        <input v-model="securityTxtPath"
+                               class="input"
+                               type="text"
+                               :placeholder="$props.data.securityTxtPath.default"
+                        />
+                    </div>
+                </div>
+            </div>
+        </div>
     </div>
 </template>
 
@@ -139,6 +174,14 @@ THE SOFTWARE.
             default: false,
             enabled: true,
         },
+        securityTxt: {
+            default: false,
+            enabled: true,
+        },
+        securityTxtPath: {
+            default: '~/security.txt',
+            enabled: true,
+        },
     };
 
     export default {