From ae0f8d58d9f246b765f739787a165e5f8759dacb Mon Sep 17 00:00:00 2001
From: Kenneth Kehl <@kkehl@flexion.us>
Date: Wed, 16 Oct 2024 07:48:00 -0700
Subject: [PATCH] investigate security.txt
---
 app/.well-known/security.txt | 2 ++
 app/main/views/security_policy.py | 6 ++----
 2 files changed, 4 insertions(+), 4 deletions(-)
 create mode 100644 app/.well-known/security.txt
diff --git a/app/.well-known/security.txt b/app/.well-known/security.txt
new file mode 100644
index 000000000..0c823b608
--- /dev/null
+++ b/app/.well-known/security.txt
@@ -0,0 +1,2 @@
+Contact: mailto:security@notify.gov
+Expires: 2025-10-15T23:59:59Z
diff --git a/app/main/views/security_policy.py b/app/main/views/security_policy.py
index 35ffd359e..cb87cfc1c 100644
--- a/app/main/views/security_policy.py
+++ b/app/main/views/security_policy.py
@@ -1,4 +1,4 @@
-from flask import redirect
+from flask import send_from_directory
 from app.main import main
@@ -6,6 +6,4 @@ from app.main import main
 @main.route("/.well-known/security.txt", methods=["GET"])
 @main.route("/security.txt", methods=["GET"])
 def security_policy():
- # See GDS Way security policy which this implements
- # https://gds-way.cloudapps.digital/standards/vulnerability-disclosure.html#vulnerability-disclosure-and-security-txt
- return redirect("https://vdp.cabinetoffice.gov.uk/.well-known/security.txt")
+ return send_from_directory(".well-known", "security.txt")
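Review bot: The `Expires` value in the new security.txt is a fixed date just under a year out, and nothing visible in this commit will refresh it. RFC 9116 treats a file whose `Expires` is in the past as stale, so the disclosure contact lapses silently after 2025-10-15 unless someone remembers to bump it. A scheduled check or a test that fails when the date is within a few weeks of expiry would catch that. Because the file is served at two paths, consider also adding `Canonical: https://<your-host>/.well-known/security.txt` (placeholder host) and, if a disclosure policy page exists, a `Policy:` line.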
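Review bot: The relative directory in `send_from_directory(".well-known", "security.txt")` is resolved by Flask against the application's root path, not against this view module's directory. The route therefore returns 404 unless that root is `app/` and the dot-directory survives packaging and deployment, and neither is visible in this diff. A view test that requests both `/.well-known/security.txt` and `/security.txt` and asserts a 200 with a `text/plain` content type would pin this down. The removed comment was the only explanation of the route, so I would replace it with something like `# Serves app/.well-known/security.txt (RFC 9116); directory is relative to the Flask app root_path.`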