diff options
| author | wxiaoguang <wxiaoguang@gmail.com> | 2023-07-21 20:14:20 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-07-21 12:14:20 +0000 |
| commit | 52fb9367734100847249d074e2bc17f2aa91053e (patch) | |
| tree | c3e7b8466a249ac461f463b254a98fe9792b68ce /cmd | |
| parent | 2f0e79e6393df13930eaa419273d24dc2ef36cfa (diff) | |
| download | gitea-52fb9367734100847249d074e2bc17f2aa91053e.tar.gz gitea-52fb9367734100847249d074e2bc17f2aa91053e.zip | |
Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)
Replace #25892
Close #21942
Close #25464
Major changes:
1. Serve "robots.txt" and ".well-known/security.txt" in the "public"
custom path
* All files in "public/.well-known" can be served, just like
"public/assets"
3. Add a test for ".well-known/security.txt"
4. Simplify the "FileHandlerFunc" logic, now the paths are consistent so
the code can be simpler
5. Add CORS header for ".well-known" endpoints
6. Add logs to tell users they should move some of their legacy custom
public files
```
2023/07/19 13:00:37 cmd/web.go:178:serveInstalled() [E] Found legacy public asset "img" in CustomPath. Please move it to /work/gitea/custom/public/assets/img
2023/07/19 13:00:37 cmd/web.go:182:serveInstalled() [E] Found legacy public asset "robots.txt" in CustomPath. Please move it to /work/gitea/custom/public/robots.txt
```
This PR is not breaking.
---------
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
Diffstat (limited to 'cmd')
| -rw-r--r-- | cmd/web.go | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/cmd/web.go b/cmd/web.go index d9aafb1fa2..dfe2091d06 100644 --- a/cmd/web.go +++ b/cmd/web.go @@ -15,9 +15,11 @@ import ( _ "net/http/pprof" // Used for debugging if enabled and a web server is running + "code.gitea.io/gitea/modules/container" "code.gitea.io/gitea/modules/graceful" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/process" + "code.gitea.io/gitea/modules/public" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/routers" "code.gitea.io/gitea/routers/install" @@ -175,6 +177,20 @@ func serveInstalled(ctx *cli.Context) error { } } + // in old versions, user's custom web files are placed in "custom/public", and they were served as "http://domain.com/assets/xxx" + // now, Gitea only serves pre-defined files in the "custom/public" folder basing on the web root, the user should move their custom files to "custom/public/assets" + publicFiles, _ := public.AssetFS().ListFiles(".") + publicFilesSet := container.SetOf(publicFiles...) + publicFilesSet.Remove(".well-known") + publicFilesSet.Remove("assets") + publicFilesSet.Remove("robots.txt") + for _, fn := range publicFilesSet.Values() { + log.Error("Found legacy public asset %q in CustomPath. Please move it to %s/public/assets/%s", fn, setting.CustomPath, fn) + } + if _, err := os.Stat(filepath.Join(setting.CustomPath, "robots.txt")); err == nil { + log.Error(`Found legacy public asset "robots.txt" in CustomPath. Please move it to %s/public/robots.txt`, setting.CustomPath) + } + routers.InitWebInstalled(graceful.GetManager().HammerContext()) // We check that AppDataPath exists here (it should have been created during installation) |