0003-Disallow-all-in-robots.txt-if-login-is-required.patch

Holger Just, 2022-10-20 17:27

Download (2.1 KB)

View differences:

app/controllers/welcome_controller.rb
27 27
  end
28 28

  
29 29
  def robots
30
    @projects = Project.visible(User.anonymous)
30
    @projects = Project.visible(User.anonymous) unless Setting.login_required?
31 31
    render :layout => false, :content_type => 'text/plain'
32 32
  end
33 33
end
app/views/welcome/robots.text.erb
1 1
User-agent: *
2
<% if Setting.login_required? -%>
3
Disallow: /
4
<% else -%>
2 5
<% @projects.each do |project| -%>
3 6
<%   [project, project.id].each do |p| -%>
4 7
Disallow: <%= url_for(:controller => 'repositories', :action => :show, :id => p) %>
......
18 21
Disallow: <%= url_for(signin_path) %>
19 22
Disallow: <%= url_for(register_path) %>
20 23
Disallow: <%= url_for(lost_password_path) %>
24
<% end -%>
test/integration/welcome_test.rb
48 48
      get '/robots.txt'
49 49
      assert_response :success
50 50
      assert_equal 'text/plain', @response.media_type
51

  
52
      # Disallow everything if logins are required
53
      refute @response.body.match(%r{^Disallow: /projects/ecookbook/issues\r?$})
54
      assert @response.body.match(%r{^Disallow: /\r?$})
51 55
    end
52 56
  end
53 57
end
54
-