Added security Disclosures section to the site.

lonnieezell · lonnieezell · commit 74c59e1b92c3 · 2021-11-01T22:43:12.000-05:00
diff --git a/app/Config/App.php b/app/Config/App.php
@@ -27,7 +27,8 @@ class App extends BaseConfig
 		'menudata' => [
 			['name' => 'bottomNav1', 'link' => '/help'],
 			['name' => 'bottomNav2', 'link' => '/help/legal'],
-			['name' => 'bottomNav3', 'link' => '/help/about']
+			['name' => 'bottomNav3', 'link' => '/help/about'],
+			['name' => 'bottomNav4', 'link' => '/security-notices'],
 		]
 	];
 
diff --git a/app/Config/Routes.php b/app/Config/Routes.php
@@ -45,6 +45,7 @@
 $routes->get('help','Help::index');
 $routes->get('help/legal','Help::legal');
 $routes->get('help/about','Help::about');
+$routes->get('security-notices','Security::notices');
 
 // localized routes
 $routes->get('{locale}/home','Home::index');
diff --git a/app/Controllers/Security.php b/app/Controllers/Security.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace App\Controllers;
+
+class Security extends BaseController
+{
+    /**
+     * Security Notices page
+     */
+    public function notices()
+    {
+        $this->data['title'] = 'Security Notices';
+
+        $this->render('security');
+    }
+}
diff --git a/app/Language/en/Site.php b/app/Language/en/Site.php
@@ -9,4 +9,5 @@
 	'bottomNav1'	 => 'Policies',
 	'bottomNav2'	 => 'The Fine Print',
 	'bottomNav3'	 => 'About',
+	'bottomNav4'	 => 'Security Notices',
 ];
diff --git a/app/Views/security.php b/app/Views/security.php
@@ -0,0 +1,26 @@
+<?= $this->extend('theme/template') ?>
+
+<?= $this->section('content') ?>
+<div class="container">
+    <div class="row">
+
+		<p>The following items have been reported to the CodeIgniter core team and addressed as potential security
+            concerns. Not all of them will affect your sites, but you should periodically review this list to
+            determine any threats.
+        </p>
+
+        <p>These disclosures are primarily aimed at the website and surrounding environment. Security disclosures
+            affecting the framework will be handled through GitHub's built-in Security Advisors functionality.
+        </p>
+
+
+        <section class="well disclosure">
+            <h1>codeigniter.com Email Spoofing</h1>
+
+            <p>Oct 25, 2021 - <b>The MX</b> reported that the codeigniter.com domain was able to be used for email
+                spoofing due to the lack of a DKIM record. We updated the DNS to include a DKIM record as a result.
+            </p>
+        </section>
+    </div>
+</div>
+<?= $this->endSection() ?>
diff --git a/composer.lock b/composer.lock
diff --git a/public/assets/css/style.css b/public/assets/css/style.css

Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,8 @@ class App extends BaseConfig`
`27`	`27`	`'menudata' => [`
`28`	`28`	`['name' => 'bottomNav1', 'link' => '/help'],`
`29`	`29`	`['name' => 'bottomNav2', 'link' => '/help/legal'],`
`30`		`- ['name' => 'bottomNav3', 'link' => '/help/about']`
	`30`	`+ ['name' => 'bottomNav3', 'link' => '/help/about'],`
	`31`	`+ ['name' => 'bottomNav4', 'link' => '/security-notices'],`
`31`	`32`	`]`
`32`	`33`	`];`
`33`	`34`