Use robots.txt instead of robots meta tag to prevent web crawlers from indexing login, register, and lost password form (#33658).

Patch by Go MAEDA. git-svn-id: http://svn.redmine.org/redmine/trunk@20577 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Go MAEDA <maeda@farend.jp> 2020-12-05 07:10:39 +0000
committer: Go MAEDA <maeda@farend.jp> 2020-12-05 07:10:39 +0000
commit: 661c5646b45e77389af0346c90bec943df5aa2be (patch)
tree: b3b903e2a4bdba41304fa8804af10d8050bd0234
parent: 135fd7b79f7a45fa3741f95aa53af5457d59b2dd (diff)
download: redmine-661c5646b45e77389af0346c90bec943df5aa2be.tar.gz
redmine-661c5646b45e77389af0346c90bec943df5aa2be.zip
7 files changed, 6 insertions, 20 deletions
diff --git a/app/views/account/login.html.erb b/app/views/account/login.html.erb
index ba212c6a3..1440e3227 100644
--- a/app/views/account/login.html.erb
+++ b/app/views/account/login.html.erb
@@ -33,7 +33,3 @@
 <% else %>
 <%= javascript_tag "$('#username').focus();" %>
 <% end %>
-
-<% content_for :header_tags do %>
-  <%= robot_exclusion_tag %>
-<% end %>
diff --git a/app/views/account/lost_password.html.erb b/app/views/account/lost_password.html.erb
index d0f82bddf..19df8d9a9 100644
--- a/app/views/account/lost_password.html.erb
+++ b/app/views/account/lost_password.html.erb
@@ -9,7 +9,3 @@
     </p>
   </div>
 <% end %>
-
-<% content_for :header_tags do %>
-  <%= robot_exclusion_tag %>
-<% end %>
diff --git a/app/views/account/password_recovery.html.erb b/app/views/account/password_recovery.html.erb
index 6e6af401d..0c275b476 100644
--- a/app/views/account/password_recovery.html.erb
+++ b/app/views/account/password_recovery.html.erb
@@ -21,7 +21,3 @@
   </div>
   <p><%= submit_tag l(:button_save) %></p>
 <% end %>
-
-<% content_for :header_tags do %>
-  <%= robot_exclusion_tag %>
-<% end %>
diff --git a/app/views/account/register.html.erb b/app/views/account/register.html.erb
index 90154885f..f35e0e0cc 100644
--- a/app/views/account/register.html.erb
+++ b/app/views/account/register.html.erb
@@ -39,7 +39,3 @@
 
 <%= submit_tag l(:button_submit) %>
 <% end %>
-
-<% content_for :header_tags do %>
-  <%= robot_exclusion_tag %>
-<% end %>
diff --git a/app/views/welcome/robots.text.erb b/app/views/welcome/robots.text.erb
index 7516fea5d..a13cdc85e 100644
--- a/app/views/welcome/robots.text.erb
+++ b/app/views/welcome/robots.text.erb
@@ -15,3 +15,6 @@ Disallow: <%= url_for(issues_path(:query_id => '')) %>
 Disallow: <%= url_for(issues_path) %>?*set_filter=
 Disallow: <%= url_for(issues_path(:trailing_slash => true)) %>*.pdf$
 Disallow: <%= url_for(projects_path(:trailing_slash => true)) %>*.pdf$
+Disallow: <%= url_for(signin_path) %>
+Disallow: <%= url_for(register_path) %>
+Disallow: <%= url_for(lost_password_path) %>
diff --git a/test/functional/account_controller_test.rb b/test/functional/account_controller_test.rb
index df8ed6887..d571ea1ae 100644
--- a/test/functional/account_controller_test.rb
+++ b/test/functional/account_controller_test.rb
@@ -32,7 +32,6 @@ class AccountControllerTest < Redmine::ControllerTest
 
     assert_select 'input[name=username]'
     assert_select 'input[name=password]'
-    assert_select 'head>meta[name="robots"][content=?]', 'noindex,follow,noarchive'
   end
 
   def test_get_login_while_logged_in_should_redirect_to_back_url_if_present
@@ -294,7 +293,6 @@ class AccountControllerTest < Redmine::ControllerTest
 
       assert_select 'input[name=?]', 'user[password]'
       assert_select 'input[name=?]', 'user[password_confirmation]'
-      assert_select 'head>meta[name="robots"][content=?]', 'noindex,follow,noarchive'
     end
   end
 
@@ -407,7 +405,6 @@ class AccountControllerTest < Redmine::ControllerTest
     get :lost_password
     assert_response :success
     assert_select 'input[name=mail]'
-    assert_select 'head>meta[name="robots"][content=?]', 'noindex,follow,noarchive'
   end
 
   def test_lost_password_for_active_user_should_create_a_token
@@ -527,7 +524,6 @@ class AccountControllerTest < Redmine::ControllerTest
     assert_response :success
 
     assert_select 'input[type=hidden][name=token][value=?]', token.value
-    assert_select 'head>meta[name="robots"][content=?]', 'noindex,follow,noarchive'
   end
 
   def test_get_lost_password_with_invalid_token_should_redirect
diff --git a/test/integration/welcome_test.rb b/test/integration/welcome_test.rb
index a526a8cec..2ceb1487a 100644
--- a/test/integration/welcome_test.rb
+++ b/test/integration/welcome_test.rb
@@ -33,5 +33,8 @@ class WelcomeTest < Redmine::IntegrationTest
     assert @response.body.match(%r{^Disallow: /issues\?\*set_filter=\r?$})
     assert @response.body.match(%r{^Disallow: /issues/\*\.pdf\$\r?$})
     assert @response.body.match(%r{^Disallow: /projects/\*\.pdf\$\r?$})
+    assert @response.body.match(%r{^Disallow: /login\r?$})
+    assert @response.body.match(%r{^Disallow: /account/register\r?$})
+    assert @response.body.match(%r{^Disallow: /account/lost_password\r?$})
   end
 end
author	Go MAEDA <maeda@farend.jp>	2020-12-05 07:10:39 +0000
committer	Go MAEDA <maeda@farend.jp>	2020-12-05 07:10:39 +0000
commit	661c5646b45e77389af0346c90bec943df5aa2be (patch)
tree	b3b903e2a4bdba41304fa8804af10d8050bd0234
parent	135fd7b79f7a45fa3741f95aa53af5457d59b2dd (diff)
download	redmine-661c5646b45e77389af0346c90bec943df5aa2be.tar.gz redmine-661c5646b45e77389af0346c90bec943df5aa2be.zip