The best implementation is to use an HTTP redirect to the central security.txt file.
< HTTP/1.1 302 Found
< Location: https://vulnerability-reporting.service.security.gov.uk/.well-known/security.txt
See below for various implementation examples:
Additionally, see 002-faas-edge-code for code to implement at your CDN edge to perform the HTTP redirect.
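// Minimal Express app that redirects the local security.txt paths to the
// central security.txt file and answers "OK" on the root path.
const express = require('express')
const app = express()
const port = 3000

// Matches /security and /security.txt, either at the root or under
// /.well-known (or /.well_known), with an optional trailing slash.
// The dot in ".well" is escaped and the pattern is anchored with $, so an
// unrelated application route that merely begins with "/security"
// (a constructed example: /security-settings) is not sent to the external site.
const sectxt_pathregex = /^(\/\.well[-_]known)?\/security(\.txt)?\/?$/

// Fixed redirect target. It is a constant and is never built from request
// data, so the redirect cannot be steered to another host by a caller.
const sectxt_location = 'https://vulnerability-reporting.service.security.gov.uk/.well-known/security.txt'

app.get(sectxt_pathregex, (req, res) => {
  // The status is passed explicitly; 302 is also res.redirect()'s default.
  res.redirect(302, sectxt_location)
})

app.get('/', (req, res) => {
  res.send('OK')
})

app.listen(port, () => {
  console.log(`Example app listening on port ${port}`)
})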
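// Minimal Node.js http server that redirects the local security.txt paths to
// the central security.txt file.
var port = 3000;
var http = require('http');
var url = require('url');

// Matches /security and /security.txt, either at the root or under
// /.well-known (or /.well_known), with an optional trailing slash.
// The dot in ".well" is escaped and the pattern is anchored with $, so paths
// that merely begin with "/security" are not redirected to the external site.
var sectxt_pathregex = /^(\/\.well[-_]known)?\/security(\.txt)?\/?$/;

// Fixed redirect target; it is a constant and is never built from request data.
var sectxt_location = 'https://vulnerability-reporting.service.security.gov.uk/.well-known/security.txt';

var server = http.createServer(function(req, res) {
  var pathname = url.parse(req.url).pathname;

  // The typeof guard keeps an unexpected request target from throwing inside
  // the handler if url.parse() yields no pathname.
  if (typeof pathname === 'string' && sectxt_pathregex.test(pathname)) {
    res.writeHead(302, {'Location': sectxt_location});
    res.end();
    return;
  }

  // Every request must be answered: without a response for other paths the
  // connection stays open until the client or the server times out.
  if (pathname === '/') {
    res.writeHead(200, {'Content-Type': 'text/plain'});
    res.end('OK');
    return;
  }

  res.writeHead(404, {'Content-Type': 'text/plain'});
  res.end('Not Found');
});

server.listen(port);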
import os
from flask import Flask, redirect
# Flask application that the route decorators below register against.
app = Flask(__name__)

# Fixed address of the central security.txt file; it is a constant and is
# never built from request data.
SECTXT_LOCATION = 'https://vulnerability-reporting.service.security.gov.uk/.well-known/security.txt'


@app.route("/", methods=["GET"])
def root():
    """Answer GET / with the plain body "OK"."""
    return "OK"


@app.route("/.well-known/security.txt", methods=["GET"])
@app.route("/security.txt", methods=["GET"])
def securitytxt():
    """Redirect both local security.txt paths to SECTXT_LOCATION.

    The 302 status is passed explicitly; it is also flask.redirect's default.
    """
    return redirect(SECTXT_LOCATION, code=302)


if __name__ == "__main__":
    # The listening port is read from the PORT environment variable and
    # falls back to 3000 when it is unset.
    listen_port = int(os.getenv("PORT", "3000"))
    # host="0.0.0.0" binds every network interface. app.run() starts Flask's
    # built-in server. NOTE(review): confirm this entry point is only used
    # where that server is intended, e.g. behind a proxy or in a container.
    app.run(host="0.0.0.0", port=listen_port)