diff --git a/setup/splashpage.sh b/setup/splashpage.sh index 4fc28bbb2..321966727 100755 --- a/setup/splashpage.sh +++ b/setup/splashpage.sh @@ -34,11 +34,11 @@ if [[ "${arg_retire_reason}" != "" || "${existing_infra}" != "${current_infra}" echo "Showing progress bar on all subdomains in retired mode or infra update. retire: ${arg_retire_reason} existing: ${existing_infra} current: ${current_infra}" rm -f ${PLATFORM_DATA_DIR}/nginx/applications/* ${box_src_dir}/node_modules/.bin/ejs-cli -f "${script_dir}/start/nginx/appconfig.ejs" \ - -O "{ \"vhost\": \"~^(.+)\$\", \"adminOrigin\": \"${admin_origin}\", \"endpoint\": \"splash\", \"sourceDir\": \"${SETUP_WEBSITE_DIR}\", \"certFilePath\": \"cert/host.cert\", \"keyFilePath\": \"cert/host.key\", \"xFrameOptions\": \"SAMEORIGIN\", \"robotsTxt\": null }" > "${PLATFORM_DATA_DIR}/nginx/applications/admin.conf" + -O "{ \"vhost\": \"~^(.+)\$\", \"adminOrigin\": \"${admin_origin}\", \"endpoint\": \"splash\", \"sourceDir\": \"${SETUP_WEBSITE_DIR}\", \"certFilePath\": \"cert/host.cert\", \"keyFilePath\": \"cert/host.key\", \"xFrameOptions\": \"SAMEORIGIN\", \"robotsTxtQuoted\": null }" > "${PLATFORM_DATA_DIR}/nginx/applications/admin.conf" else echo "Show progress bar only on admin domain for normal update" ${box_src_dir}/node_modules/.bin/ejs-cli -f "${script_dir}/start/nginx/appconfig.ejs" \ - -O "{ \"vhost\": \"${admin_fqdn}\", \"adminOrigin\": \"${admin_origin}\", \"endpoint\": \"splash\", \"sourceDir\": \"${SETUP_WEBSITE_DIR}\", \"certFilePath\": \"cert/host.cert\", \"keyFilePath\": \"cert/host.key\", \"xFrameOptions\": \"SAMEORIGIN\", \"robotsTxt\": null }" > "${PLATFORM_DATA_DIR}/nginx/applications/admin.conf" + -O "{ \"vhost\": \"${admin_fqdn}\", \"adminOrigin\": \"${admin_origin}\", \"endpoint\": \"splash\", \"sourceDir\": \"${SETUP_WEBSITE_DIR}\", \"certFilePath\": \"cert/host.cert\", \"keyFilePath\": \"cert/host.key\", \"xFrameOptions\": \"SAMEORIGIN\", \"robotsTxtQuoted\": null }" > "${PLATFORM_DATA_DIR}/nginx/applications/admin.conf" fi if [[ "${arg_retire_reason}" == "migrate" ]]; then diff --git a/setup/start/nginx/appconfig.ejs b/setup/start/nginx/appconfig.ejs index 2094dee82..170c61950 100644 --- a/setup/start/nginx/appconfig.ejs +++ b/setup/start/nginx/appconfig.ejs @@ -83,9 +83,9 @@ server { # Disable check to allow unlimited body sizes client_max_body_size 0; -<% if (robotsTxt) { %> +<% if (robotsTxtQuoted) { %> location = /robots.txt { - return 200 "<%= robotsTxt %>"; + return 200 <%- robotsTxtQuoted %>; } <% } %> diff --git a/src/apps.js b/src/apps.js index 93e8c8a62..47ad8ef4c 100644 --- a/src/apps.js +++ b/src/apps.js @@ -246,7 +246,10 @@ function validateDebugMode(debugMode) { function validateRobotsTxt(robotsTxt) { if (robotsTxt === null) return null; - // TODO: validate the robots file? + // this is the nginx limit on inline strings. if we really hit this, we have to generate a file + if (robotsTxt.length > 4096) return new AppsError(AppsError.BAD_FIELD, 'robotsTxt must be less than 4096'); + + // TODO: validate the robots file? we escape the string when templating the nginx config right now return null; } diff --git a/src/nginx.js b/src/nginx.js index ec9af2c25..536d44acb 100644 --- a/src/nginx.js +++ b/src/nginx.js @@ -36,7 +36,7 @@ function configureAdmin(certFilePath, keyFilePath, configFileName, vhost, callba certFilePath: certFilePath, keyFilePath: keyFilePath, xFrameOptions: 'SAMEORIGIN', - robotsTxt: 'User-agent: *\\nDisallow: /\\n' + robotsTxtQuoted: JSON.stringify('User-agent: *\nDisallow: /\n') }; var nginxConf = ejs.render(NGINX_APPCONFIG_EJS, data); var nginxConfigFilename = path.join(paths.NGINX_APPCONFIG_DIR, configFileName); @@ -64,7 +64,7 @@ function configureApp(app, certFilePath, keyFilePath, callback) { endpoint: endpoint, certFilePath: certFilePath, keyFilePath: keyFilePath, - robotsTxt: app.robotsTxt, + robotsTxtQuoted: app.robotsTxt ? JSON.stringify(app.robotsTxt) : null, xFrameOptions: app.xFrameOptions || 'SAMEORIGIN' // once all apps have been updated/ }; var nginxConf = ejs.render(NGINX_APPCONFIG_EJS, data);