Skip to main content

A Django app to private security.txt details

Project description

https://securitytxt.org/ A proposed standard which allows websites to define security policies. https://tools.ietf.org/html/draft-foudil-securitytxt-10#section-3.5.3

based on: https://adamj.eu/tech/2020/06/28/how-to-add-a-well-known-url-to-your-django-site/

Quick start

  1. Add “polls” to your INSTALLED_APPS setting like this:

    INSTALLED_APPS = [
        ...
        'wellknown_security',
    ]
    
  2. Include the polls URLconf in your project urls.py like this:

    from django.conf.urls import include
    ...
    path('.well-known/', include('wellknown_security.urls')),
    
  3. Add at least the contact info (either value is fine, can be multiple or just a single one) to settings.py

    Contact:

    WELLKNOWN_SECURITY_CONTACT = (
      'mailto:security@example.com',
      'mailto:security%2Buri%2Bencoded@example.com',
      'tel:+1-201-555-0123',
      'https://example.com/security-contact.html'
    )
    

    other values can be added as well, e.g

    Encryption:

    WELLKNOWN_SECURITY_ENCRYPTION = (
      'https://example.com/pgp-key.txt',
      'dns:5d2d37ab76d47d36._openpgpkey.example.com?type=OPENPGPKEY',
      'openpgp4fpr:5f2de5521c63a801ab59ccb603d49de44b29100f'
    )
    
  4. Start the development server and visit http://127.0.0.1:8000/.well-known/security.txt to check the results

    Output:

    Contact: mailto:security@example.com
    Contact: mailto:security%2Buri%2Bencoded@example.com
    Contact: tel:+1-201-555-0123
    Contact: https://example.com/security-contact.html
    
    Encryption: https://example.com/pgp-key.txt
    Encryption: dns:5d2d37ab76d47d36._openpgpkey.example.com?type=OPENPGPKEY
    Encryption: openpgp4fpr:5f2de5521c63a801ab59ccb603d49de44b29100f
    

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for django-wellknown-security, version 0.13
Filename, size File type Python version Upload date Hashes
Filename, size django-wellknown-security-0.13.tar.gz (4.0 kB) File type Source Python version None Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page