monkeytypegame/monkeytype
1
1
Fork 0
mirror of https://github.com/monkeytypegame/monkeytype.git synced 2024-09-20 15:26:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1505 from tcbutler320/master

Browse source 
Add Security Policy
This commit is contained in:
Jack 2021-06-04 12:54:36 +01:00 committed by GitHub
parent 08ffe66c4a 281523d161
commit 92b1c6eb86
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 146 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
gulpfile.js
View file

@ -189,7 +189,7 @@ task("sass", function () {
});
task("static", function () {
return src("./static/**/*").pipe(dest("./dist/"));
return src("./static/**/*", { dot: true }).pipe(dest("./dist/"));
});
//copies refactored js files to dist/gen so that they can be required by dist/gen/index.js

6
static/.well-known/security.txt Normal file
View file

@ -0,0 +1,6 @@
Contact: mailto:jack@monkeytype.com
Contact: message @Miodec on discord.gg/monkeytype
Expires: 2022-06-03T21:00:00.000Z
Preferred-Languages: en
Canonical: https://monkeytype.com/.well-known/security.txt
Policy: https://monkeytype.com/security-policy

4
static/index.html
View file

@ -4266,6 +4266,10 @@
<i class="fas fa-fw fa-donate"></i>
<span id="supportMeButton">Donate</span>
</div>
<div>
<i class="fas fa-bug"></i>
<a href="security-policy.html" target="_blank">Security</a>
</div>
<div>
<i class="fas fa-user-shield"></i>
<a href="privacy-policy.html" target="_blank">Privacy Policy</a>

135
static/security-policy.html Normal file
View file

@ -0,0 +1,135 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Monkeytype</title>
<!-- <link rel="stylesheet" href="css/fa.css" /> -->
<link rel="stylesheet" href="css/balloon.css" />
<link rel="stylesheet" href="css/style.css" />
<link rel="stylesheet" href="themes/serika_dark.css" id="currentTheme" />
<link rel="stylesheet" href="" id="funBoxTheme" />
<link id="favicon" rel="shortcut icon" href="images/fav.png" />
<link rel="shortcut icon" href="images/fav.png" />
<meta name="name" content="Monkeytype" />
<meta name="image" content="https://monkeytype.com/mtsocial.png" />
<meta
name="description"
content="A minimalistic, customisable typing website. Test yourself in various modes, track your progress and improve your typing speed."
/>
<meta
name="keywords"
content="typing, test, typing-test, typing test, monkey-type, monkeytype, monkey type, monkey-types, monkeytypes, monkey types, types, monkey, type, miodec, wpm, words per minute, typing website, minimalistic, custom typing test, customizable, customisable, themes, random words, smooth caret, smooth, new, new typing site, new typing website, minimalist typing website, minimalistic typing website, minimalist typing test"
/>
<meta name="author" content="Miodec" />
<meta property="og:title" content="Monkeytype" />
<meta property="og:url" content="https://monkeytype.com/" />
<meta property="og:type" content="website" />
<meta
property="og:description"
content="A minimalistic, customisable typing website. Test yourself in various modes, track your progress and improve your typing speed."
/>
<meta property="og:image" content="https://monkeytype.com/mtsocial.png" />
<meta name="theme-color" content="#e2b714" id="metaThemeColor" />
<meta name="twitter:title" content="Monkeytype" />
<meta name="twitter:image" content="https://monkeytype.com/mtsocial.png" />
<meta name="twitter:card" content="summary_large_image" />
<style>
#top {
font-size: 2.5rem;
}
#middle {
color: var(--text-color);
}
h1 {
font-weight: unset;
color: var(--main-color);
font-size: 2rem;
margin-top: 3rem;
}
body {
justify-content: center;
display: flex;
}
</style>
<script defer>
// TODO: Add notification that appears when username copy is successful from notifications module
function copyUserName() {
if (true) {
navigator.clipboard.writeText("Miodec#1512");
alert("Copied To Clipboard!");
} else {
alert("Unable to copy username");
}
}
</script>
</head>
<body>
<div id="centerContent">
<div id="top">
<div class="logo">
<div class="top">monkey see</div>
<div class="bottom">
<a href="/ " style="text-decoration: none; color: inherit">
monkeytype
</a>
<span style="color: var(--text-color)">Security Policy</span>
</div>
</div>
</div>
<div id="middle">
<p>
Monkeytype takes the security of its platform seriously. If you are a
security researcher and have found a vulnerability, we would like to
work with you to remediate the issue.
</p>
<p>Table of Contents</p>
<!-- The last three internal links are redunant but give more context to the user when viewing the table of contents -->
<ul>
<li>
<a href="#Vulnerability_Disclosure">
How to Disclose a Vulnearbility
</a>
</li>
<li><a href="#Submission_Guidelines">Submission Guidelines</a></li>
</ul>
<h1 id="Vulnerability_Disclosure">How to Disclose a Vulnerability?</h1>
<p>
For vulnerabilities that impact the confidentiality, integrity and
availability of monkeytype services, please send your disclosure via
(1)
<a href="mailto:jack@monkeytype.com">mail</a>
, or (2) private discord chat to
<a href="https://www.discord.gg/monkeytype">miodec</a>
. For non-security related platform bugs, follow the bug submission
<a
href="https://github.com/Miodec/monkeytype#bug-report-or-feature-request"
>
guidelines
</a>
.Include as much detail as possible to ensure reproducibility. At a
minimum, vulnerability disclosures should include:
</p>
<ul>
<li>Vulnerability Description</li>
<li>Proof of Concept</li>
<li>Impact</li>
<li>Screenshots or Proof</li>
</ul>
<h1 id="Submission_Guidelines">Submission Guidelines</h1>
<p>
Do not engage in activities that might cause a denial of service
condition, create significant strains on critical resources, or
negatively impact users of the site outside of test accounts.
</p>
</div>
</div>
<!-- TODO: Add image to go back to top of page -->
</body>
</html>