This repository has been archived by the owner on Feb 6, 2024. It is now read-only.
Initial commit -- managed txt files can be served based on URL
- Reducing cost by deploying on multi-routes (pending wrangler support)
- Explicit pathing required
- TODO: implement kbpgp support for signing / managing pgp
0 parents
commit 254c953
Showing 12 changed files with 306 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
wrangler.toml | ||
dist | ||
node_modules | ||
worker |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"singleQuote": true, | ||
"semi": false, | ||
"trailingComma": "all", | ||
"tabWidth": 2, | ||
"printWidth": 80 | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
Copyright (c) 2020, Cloudflare, Inc. All rights reserved. | ||
|
||
Permission is hereby granted, free of charge, to any | ||
person obtaining a copy of this software and associated | ||
documentation files (the "Software"), to deal in the | ||
Software without restriction, including without | ||
limitation the rights to use, copy, modify, merge, | ||
publish, distribute, sublicense, and/or sell copies of | ||
the Software, and to permit persons to whom the Software | ||
is furnished to do so, subject to the following | ||
conditions: | ||
|
||
The above copyright notice and this permission notice | ||
shall be included in all copies or substantial portions | ||
of the Software. | ||
|
||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF | ||
ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED | ||
TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A | ||
PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT | ||
SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY | ||
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION | ||
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR | ||
IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER | ||
DEALINGS IN THE SOFTWARE. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
build: | ||
wrangler build | ||
|
||
deploy: | ||
wrangler publish |
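Review bot: `build` and `deploy` are not declared phony, so a file or directory named `build` or `deploy` in the repository root would make `make` treat the target as up to date and skip the `wrangler` call. Add `.PHONY: build deploy` at the top of the file.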
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
# security.txt as a service -- Built on Cloudflare workers | ||
|
||
- In order to save cost, we will deploying this one worker on two routes. | ||
|
||
``` | ||
/.well-known/security.txt | ||
/gpg/my-public-key.txt | ||
``` | ||
|
||
Flow: | ||
|
||
- Get a security.txt | ||
- Get a PGP keypair | ||
- Generate one? | ||
- Put the pubkey in a place | ||
- Tell us where that place is | ||
- Sign the security.txt | ||
- Deploy |
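Review bot: The "Sign the security.txt" step in the flow has no counterpart in this commit: the commit message lists kbpgp signing as a TODO, and the security.txt added here carries no signature. Mark that step as not yet implemented so a deployer does not assume the served file is signed, and state that the key path has to match the path hard-coded in the worker (the example here uses `/gpg/my-public-key.txt`). The first bullet should also read "we will be deploying".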
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
{ | ||
"name": "securitytxt-worker", | ||
"version": "1.0.0", | ||
"description": "A worker to deploy security.txt onto your Cloudflare zone!", | ||
"main": "index.js", | ||
"scripts": { | ||
"test": "echo \"Error: no test specified\" && exit 1" | ||
}, | ||
"repository": { | ||
"type": "git", | ||
"url": "git+https://github.com/cloudflare/securitytxt-worker.git" | ||
}, | ||
"author": "dhaynes@cloudflare.com", | ||
"license": "MIT", | ||
"bugs": { | ||
"url": "https://github.com/cloudflare/securitytxt-worker/issues" | ||
}, | ||
"homepage": "https://github.com/cloudflare/securitytxt-worker#readme", | ||
"dependencies": { | ||
"raw-loader": "^4.0.0" | ||
} | ||
} |
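Review bot: `raw-loader` under `dependencies` is a build-time webpack loader and belongs in `devDependencies`, and `"main": "index.js"` does not match the `./src/index.js` entry in this commit's webpack config. The `test` script is still the npm placeholder that exits 1, so any CI step that runs `npm test` will fail; remove it or replace it with a real test.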
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
/** | ||
* Copyright (c) 2020, Cloudflare, Inc. All rights reserved. | ||
* author: David Haynes <dhaynes@cloudflare.com> | ||
*/ | ||
import pubKey from './txt/security-cloudflare-public-06A67236.txt' | ||
import securityTxt from './txt/security.txt' | ||
|
||
/** | ||
* Ensure the correct txt file is returned. | ||
* @param {string} url The url from the incoming request | ||
*/ | ||
const handleRequest = async request => { | ||
const { url } = request | ||
if (url.includes('/.well-known/security.txt')) { | ||
return new Response(securityTxt, { | ||
headers: { 'content-type': 'text/plain' }, // security.txt | ||
}) | ||
} else if (url.includes('/gpg/security-cloudflare-public-06A67236.txt')) { | ||
return new Response(pubKey, { | ||
headers: { 'content-type': 'text/plain' }, // GPG Public key | ||
}) | ||
} else { | ||
return fetch(request) // Pass to origin | ||
} | ||
} | ||
|
||
// main() | ||
addEventListener('fetch', event => { | ||
event.respondWith(handleRequest(event.request)) | ||
}) |
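Review bot: `url.includes('/.well-known/security.txt')` in `handleRequest` matches that string anywhere in the full URL, including the query string and longer paths, so requests meant for the origin can be answered with the static file instead of reaching `fetch(request)`. Parse the URL and compare the path exactly, for example `new URL(request.url).pathname === '/.well-known/security.txt'`, and do the same for the key route. The JSDoc `@param {string} url` should describe `request`, and RFC 9116 asks for security.txt to be served as `text/plain` with `charset=utf-8`.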
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
Contact: https://hackerone.com/cloudflare | ||
# If you'd like to encrypt, please do so within the the body of the message. | ||
Contact: mailto:security@cloudflare.com | ||
Contact: https://www.cloudflare.com/abuse/ | ||
Preferred-Languages: en | ||
|
||
Encryption: https://www.cloudflare.com/pgp/security-at-cloudflare-pubkey-06A67236.txt | ||
Canonical: https://www.cloudflare.com/.well-known/security.txt | ||
|
||
Policy: https://www.cloudflare.com/disclosure | ||
Hiring: https://www.cloudflare.com/careers/departments/security |
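Review bot: The `Encryption:` line advertises `/pgp/security-at-cloudflare-pubkey-06A67236.txt`, but the worker in this commit serves the key at `/gpg/security-cloudflare-public-06A67236.txt`, so the advertised URL falls through to the origin rather than returning the key bundled here. Point `Encryption:` at the served path or change the route in `handleRequest` to match. The file also has no `Expires:` field, which RFC 9116 requires, and the comment on the second line has a doubled "the".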
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
const { EnvironmentPlugin } = require('webpack') | ||
const path = require('path') | ||
|
||
module.exports = { | ||
entry: './src/index.js', | ||
output: { | ||
path: path.resolve(__dirname, 'dist'), | ||
filename: 'index.js', | ||
}, | ||
module: { | ||
rules: [ | ||
{ | ||
test: /\.txt$/i, | ||
use: 'raw-loader', | ||
}, | ||
], | ||
}, | ||
plugins: [ | ||
new EnvironmentPlugin({ | ||
KEY: 'VALUE', | ||
}), | ||
], | ||
} |
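Review bot: The `EnvironmentPlugin({ KEY: 'VALUE' })` entry in `plugins` is a placeholder that nothing in the worker code of this commit reads. Drop the plugin and the `require('webpack')` line until there is a real build-time value to inject, so the config does not suggest that environment values are baked into the bundle.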
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
name = "securitytxt-worker" | ||
type = "webpack" | ||
account_id = "" | ||
zone_id = "" | ||
workers_dev = false | ||
route = "https://example.com/*" |
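Review bot: `route = "https://example.com/*"` sends every request on the zone through the worker, while the README describes two routes to save cost and the worker only answers two paths before calling `fetch(request)`. Until multi-route support lands (noted as pending in the commit message), say so in a comment next to `route`, then narrow it to the two paths. If this file is meant as a template for `wrangler.toml`, note that the ignore list in the first hunk of this commit excludes that name, so the template with empty `account_id` and `zone_id` needs a different file name to stay tracked.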