From 5c44d0be0ce383a838cc8f0e6c5b7a8d52782154 Mon Sep 17 00:00:00 2001
From: mellisxd <mark.ellis@xdesign.com>
Date: Wed, 25 Jun 2025 14:05:00 +0100
Subject: [PATCH] Move config.txt to secure location and leave notice in static
 directory

---
 config/config.txt                             | 4 ++++
 src/main/resources/static/internal/config.txt | 5 +----
 2 files changed, 5 insertions(+), 4 deletions(-)
 create mode 100644 config/config.txt

diff --git a/config/config.txt b/config/config.txt
new file mode 100644
index 0000000..d427e94
--- /dev/null
+++ b/config/config.txt
@@ -0,0 +1,4 @@
+INPUT_SANITISATION_STATUS=mostly_done # Just a few edge cases left. Like, all of them
+CROSS_SITE_SCRIPTING_DEFENSE=browser_should_handle_it # Not our problem
+BACKUP_STRATEGY=hope_for_the_best
+CONFIDENTIAL_FILE_LOCATION=/internal/config.txt # You're already here, so...
diff --git a/src/main/resources/static/internal/config.txt b/src/main/resources/static/internal/config.txt
index d427e94..21fbe18 100644
--- a/src/main/resources/static/internal/config.txt
+++ b/src/main/resources/static/internal/config.txt
@@ -1,4 +1 @@
-INPUT_SANITISATION_STATUS=mostly_done # Just a few edge cases left. Like, all of them
-CROSS_SITE_SCRIPTING_DEFENSE=browser_should_handle_it # Not our problem
-BACKUP_STRATEGY=hope_for_the_best
-CONFIDENTIAL_FILE_LOCATION=/internal/config.txt # You're already here, so...
+// This file has been moved to /src/main/resources/internal/config.txt to prevent public access via static resources.