mirrors/barkey
1
0
Fork 0
mirror of https://codeberg.org/yeentown/barkey.git synced 2025-07-07 04:26:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

set X-Robots-Tag to disable indexing API endpoints

Browse source
This commit is contained in:
Hazelnoot 2025-06-13 23:18:06 -04:00
parent 99bf315351
commit b44abe0eaa
5 changed files with 23 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
packages/backend/src/server/ActivityPubServerService.ts
View file

@ -791,6 +791,10 @@ export class ActivityPubServerService {
reply.header('Access-Control-Allow-Origin', '*');
reply.header('Access-Control-Expose-Headers', 'Vary');
// Tell crawlers not to index AP endpoints.
// https://developers.google.com/search/docs/crawling-indexing/block-indexing
reply.header('X-Robots-Tag', 'noindex');
/* tell any caching proxy that they should not cache these
responses: we wouldn't want the proxy to return a 403 to
someone presenting a valid signature, or return a cached

4
packages/backend/src/server/FileServerService.ts
View file

@ -70,6 +70,10 @@ export class FileServerService {
fastify.addHook('onRequest', (request, reply, done) => {
reply.header('Content-Security-Policy', 'default-src \'none\'; img-src \'self\'; media-src \'self\'; style-src \'unsafe-inline\'');
reply.header('Access-Control-Allow-Origin', '*');
// Tell crawlers not to index files endpoints.
// https://developers.google.com/search/docs/crawling-indexing/block-indexing
reply.header('X-Robots-Tag', 'noindex');
done();
});

4
packages/backend/src/server/api/ApiCallService.ts
View file

@ -148,6 +148,10 @@ export class ApiCallService implements OnApplicationShutdown {
request: FastifyRequest<{ Body: Record<string, unknown> | undefined, Querystring: Record<string, unknown> }>,
reply: FastifyReply,
): void {
// Tell crawlers not to index API endpoints.
// https://developers.google.com/search/docs/crawling-indexing/block-indexing
reply.header('X-Robots-Tag', 'noindex');
const body = request.method === 'GET'
? request.query
: request.body;

7
packages/backend/src/server/api/mastodon/MastodonApiServerService.ts
View file

@ -71,6 +71,13 @@ export class MastodonApiServerService {
done();
});
// Tell crawlers not to index API endpoints.
// https://developers.google.com/search/docs/crawling-indexing/block-indexing
fastify.addHook('onRequest', (request, reply, done) => {
reply.header('X-Robots-Tag', 'noindex');
done();
});
// External endpoints
this.apiAccountMastodon.register(fastify);
this.apiAppsMastodon.register(fastify);

4
packages/backend/src/server/web/UrlPreviewService.ts
View file

@ -125,6 +125,10 @@ export class UrlPreviewService {
reply: FastifyReply,
): Promise<void> {
if (!this.meta.urlPreviewEnabled) {
// Tell crawlers not to index URL previews.
// https://developers.google.com/search/docs/crawling-indexing/block-indexing
reply.header('X-Robots-Tag', 'noindex');
return reply.code(403).send({
error: {
message: 'URL preview is disabled',