Fixes #10: added security page

yiisoft-contrib · Apr 1, 2015 · 408b613 · 408b613
1 parent 3c1eeeb
commit 408b613
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 0 deletions.
diff --git a/config/urls.php b/config/urls.php
@@ -11,6 +11,7 @@
     'news' => 'site/news',
     'team' => 'site/team',
     'report-issue' => 'site/report-issue',
+    'security' => 'site/security',
 
     // TODO implement redirect for url/ to url, needed for old 1.1 api urls
 

diff --git a/controllers/SiteController.php b/controllers/SiteController.php
@@ -132,5 +132,9 @@ public function actionReportIssue()
         return $this->render('report-issue');
     }
 
+    public function actionSecurity()
+    {
+        return $this->render('security');
+    }
 
 }
diff --git a/views/layouts/main.php b/views/layouts/main.php
@@ -111,6 +111,7 @@
                                 ['label' => '<i class="fa fa-angle-double-right"></i>Install Yii', 'url' => ['guide/view', 'version' => '2.0', 'language' => 'en', 'section' => 'start-installation']],
                                 ['label' => '<i class="fa fa-angle-double-right"></i>Extensions<span class="label label-warning">coming soon</span>', 'url' => 'https://yiicamp.com/extensions'],
                                 ['label' => '<i class="fa fa-angle-double-right"></i>Report an Issue', 'url' => ['site/report-issue']],
+                                ['label' => '<i class="fa fa-angle-double-right"></i>Report a Security Issue', 'url' => ['site/security']],
                                 ['label' => '<i class="fa fa-angle-double-right"></i>Contribute to Yii', 'url' => ['/site/contribute']],
                                 ['label' => '<i class="fa fa-angle-double-right"></i>Jobs<span class="label label-warning">coming soon</span>', 'url' => 'https://yiicamp.com/jobs'],
                             ]],

diff --git a/views/site/security.php b/views/site/security.php
@@ -0,0 +1,28 @@
+<?php
+use yii\helpers\Html;
+
+/* @var $this yii\web\View */
+$this->title = 'Report a Security Issue';
+$this->params['breadcrumbs'][] = $this->title;
+?>
+<div class="container content">
+    <h1><?= Html::encode($this->title) ?></h1>
+
+    <p>Please use the <?php echo Html::a('contact us form', ['site/contact']) ?> to report to us any security issue
+        you find in Yii. DO NOT use the issue tracker or discuss it in the public forum as it will cause more damage
+        than help.</p>
+
+    <p>Once we receive your issue report, we will treat it as our highest priority. We will generally take the
+        following steps in responding to security issues.</p>
+
+    <ol>
+        <li>Confirm the issue. We may contact with you for further discussion. We will send you an acknowledgement
+            after the issue is confirmed.
+        </li>
+        <li>Work on a solution.</li>
+        <li>Release a patch to all maintained versions.</li>
+    </ol>
+
+    <p><?php echo Html::a('Contact us', ['site/contact']) ?> to report a security issue.</p>
+
+</div>