Toptip - what is .well-known folder
Within your ~/public folder, you may come across a directory named ".well-known." This directory is frequently employed in web-based protocols to retrieve "site-wide metadata" related to a host before initiating a request. It's important to note that the absence of this folder doesn't necessarily indicate an issue; it simply means it hasn't been utilized or generated yet.
Here are some examples of what you might find in the ".well-known" directory:
- .well-known/security.txt: Contains information about a website's security policies and contact information for security researchers.
Please read some helpful blogs on this topic.
https://www.gulla.net/en/blog/security.txt
https://optimizely.blog/2023/03/easy-implementation-of-security.txt-with-minimal-api-.net-core -
.well-known/apple-app-site-association (AASA): Used for associating iOS apps with websites, enabling features like Universal Links. This file doesn't have an extension.
- .well-known/assetlinks.json: Used in the context of Android App Links. Android App Links are a way to associate a website with a specific Android app, allowing the app to open when certain links are clicked, even if the app is not currently installed on the device.
Jan 15, 2024
Comments