A Django app to private security.txt details
Project description
https://securitytxt.org/ A proposed standard which allows websites to define security policies. https://tools.ietf.org/html/draft-foudil-securitytxt-10#section-3.5.3
based on: https://adamj.eu/tech/2020/06/28/how-to-add-a-well-known-url-to-your-django-site/
Quick start
Add “polls” to your INSTALLED_APPS setting like this:
INSTALLED_APPS = [ ... 'wellknown_security', ]Include the polls URLconf in your project urls.py like this:
from django.conf.urls import include ... path('.well-known/', include('wellknown_security.urls')),Add at least the contact info (either value is fine, can be multiple or just a single one) to settings.py
Contact:
WELLKNOWN_SECURITY_CONTACT = ( 'mailto:security@example.com', 'mailto:security%2Buri%2Bencoded@example.com', 'tel:+1-201-555-0123', 'https://example.com/security-contact.html' )
other values can be added as well, e.g
Encryption:
WELLKNOWN_SECURITY_ENCRYPTION = ( 'https://example.com/pgp-key.txt', 'dns:5d2d37ab76d47d36._openpgpkey.example.com?type=OPENPGPKEY', 'openpgp4fpr:5f2de5521c63a801ab59ccb603d49de44b29100f' )
Start the development server and visit http://127.0.0.1:8000/.well-known/security.txt to check the results
Output:
Contact: mailto:security@example.com Contact: mailto:security%2Buri%2Bencoded@example.com Contact: tel:+1-201-555-0123 Contact: https://example.com/security-contact.html Encryption: https://example.com/pgp-key.txt Encryption: dns:5d2d37ab76d47d36._openpgpkey.example.com?type=OPENPGPKEY Encryption: openpgp4fpr:5f2de5521c63a801ab59ccb603d49de44b29100f
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Hashes for django-wellknown-security-0.13.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 3148058eb40ee02ee97998f3c77e30cd5161ed7d4a2d672a35ffdc5ebde097a8 |
|
| MD5 | 7442f0263f4c67be2582a2ab98cad85c |
|
| BLAKE2b-256 | 67757c958de5b2d2383ca44620848a7d00881814fb37c61b19bdf738b49345be |
