Making WordPress.org

Changeset 13988


Ignore:
Timestamp:
08/21/2024 01:40:45 AM (8 weeks ago)
Author:
dd32
Message:

.well-known/security.txt: Bump the expiry date, and add Preferred-Languages: en.

The expiry date has been set to a dynamic date, with 6-12 months expiry (Dec 31st, or next Jun 30th, whichever is 6+ months away).
This ensures it doesn't expire, but avoids absurdly long expiries or "odd dates" (ie. today + 1 year).

Props dd32, ehtis, jorbin.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/mu-plugins/pub/wporg-well-known.php

    r13986 r13988  
    2424} );
    2525
     26/**
     27 * Support for https://securitytxt.org/
     28 */
    2629function security_txt() {
     30    /*
     31     * Set the expiry date to December 31st / next June 30th, whichever has 6~12 months expiry.
     32     * The RFC recommends that the expiry be less than a year in the future.
     33     */
     34    $expires = strtotime( 'Dec 31' );
     35    if ( gmdate('z') > 182 ) {
     36        $expires = strtotime( 'Jun 30', $expires + WEEK_IN_SECONDS );
     37    }
     38
    2739    header( 'Content-Type: text/plain')
    2840    ?>
    2941Contact: https://hackerone.com/wordpress
    30 Expires: 2024-12-31T15:00:00.000Z
     42Expires: <?php echo gmdate( 'Y-m-d', $expires ); ?>T15:00:00.000Z
    3143Acknowledgments: https://hackerone.com/wordpress/thanks
    3244Canonical: https://wordpress.org/.well-known/security.txt
    3345Policy: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/
     46Preferred-Languages: en
    3447
    3548# The above contact is for reporting security issues in core WordPress software itself.
Note: See TracChangeset for help on using the changeset viewer.