http-headers-verifier 0.0.3 → 0.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/Gemfile.lock +1 -1
- data/README.md +2 -1
- data/exe/http-headers-verifier.rb +8 -3
- data/lib/http_headers_validations.rb +3 -3
- data/lib/version.rb +2 -2
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ae2ccdc95caaa32434a2e795b94d77733d3600f019a31ecb535bc43f087768b3
|
|
4
|
+
data.tar.gz: bf3a421e67d247af467cc49fa0c47a4c461049c517fd8b3a5910af883bd087a4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e8e56e998e250f0a118301b173edd2149f69e04cc0a1174441fb5f07fd0a49e311f549a9c868b82a64dc142db3f9860d71d82c613d76819afb8c1ccef237f65e
|
|
7
|
+
data.tar.gz: 4a8794b0b67212ede493b7b33f31123b04185ee1f8cb824cd7fc17cd97e4f6782cfca264109bc9bf574e77113ef705d3b8afdb3044595e42ecdebe7b30bd1db3
|
data/.gitignore
CHANGED
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# Http Headers Verifier
|
|
2
2
|
|
|
3
3
|
[](https://badge.fury.io/rb/http-headers-verifier)
|
|
4
|
+
[](https://travis-ci.org/AvnerCohen/http-headers-verifier)
|
|
4
5
|
|
|
5
6
|
Verify a pre-defined HTTP headers configurations.
|
|
6
7
|
Unlike some other similar projects, this is not meant to enforce best practices, instead it is meant to define policies on top of headers and enforce them.
|
|
@@ -98,4 +99,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
|
|
|
98
99
|
|
|
99
100
|
## Code of Conduct
|
|
100
101
|
|
|
101
|
-
Everyone interacting in the Http
|
|
102
|
+
Everyone interacting in the `Http Headers Verifier` project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/http-headers-verifier/blob/master/CODE_OF_CONDUCT.md).
|
|
@@ -15,14 +15,16 @@ if ARGV.length != 3 && ARGV.length != 2
|
|
|
15
15
|
exit 2
|
|
16
16
|
end
|
|
17
17
|
|
|
18
|
-
policy_arg, url, verbose = ARGV
|
|
18
|
+
policy_arg, @url, verbose = ARGV
|
|
19
19
|
@policies = policy_arg.split(',')
|
|
20
20
|
|
|
21
21
|
HttpHeadersUtils.verbose = !verbose.nil?
|
|
22
22
|
|
|
23
|
-
|
|
23
|
+
request_results = Typhoeus.get(@url, timeout: HTTP_TIMEOUT_IN_SECONDS, followlocation: true)
|
|
24
|
+
actual_headers = request_results.headers
|
|
24
25
|
|
|
25
26
|
def verify_headers!(actual_headers, rules)
|
|
27
|
+
puts "Testing url: #{@url}"
|
|
26
28
|
puts "Starting verification of policies #{HttpHeadersUtils.bold(@policies.join(", "))}:"
|
|
27
29
|
errors = []
|
|
28
30
|
checked_already = Set.new
|
|
@@ -79,7 +81,10 @@ def read_policies!(policy_files_names)
|
|
|
79
81
|
end
|
|
80
82
|
|
|
81
83
|
|
|
82
|
-
if
|
|
84
|
+
if request_results.return_code != :ok
|
|
85
|
+
puts "🤕 Request to url #{@url} failed - #{request_results.return_code}, bailing out. "
|
|
86
|
+
exit 0
|
|
87
|
+
elsif verify_headers!(actual_headers, read_policies!(@policies))
|
|
83
88
|
puts "😎 Success !"
|
|
84
89
|
exit 0
|
|
85
90
|
else
|
|
@@ -9,13 +9,13 @@ module HttpHeadersValidations
|
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def self.assert_expected_header(expected_header, expected_value, actual_value)
|
|
12
|
-
if (expected_value.is_a?(Regexp) && actual_value.match?(expected_value)) ||
|
|
12
|
+
if (!actual_value.nil? && expected_value.is_a?(Regexp) && actual_value.match?(expected_value)) ||
|
|
13
13
|
(expected_value.to_s == actual_value.to_s)
|
|
14
14
|
failed = false
|
|
15
15
|
text = "Expected Header '#{expected_header}' matched!"
|
|
16
16
|
else
|
|
17
17
|
failed = true
|
|
18
|
-
text = "Expected Header '#{HttpHeadersUtils.bold(expected_header)}' failed! '#{expected_value}' was '#{actual_value}'."
|
|
18
|
+
text = "Expected Header '#{HttpHeadersUtils.bold(expected_header)}' failed! '#{expected_value}' #{HttpHeadersUtils.bold('was')} '#{actual_value}'."
|
|
19
19
|
end
|
|
20
20
|
icon = failed ? "🛑" : "🍏"
|
|
21
21
|
|
|
@@ -37,7 +37,7 @@ module HttpHeadersValidations
|
|
|
37
37
|
else
|
|
38
38
|
icon = "⚠️"
|
|
39
39
|
failed = false
|
|
40
|
-
text = "Warning: Extra Header '#{HttpHeadersUtils.bold(actual_header)}' with value '#{actual_value}'
|
|
40
|
+
text = "Warning: Extra Header '#{HttpHeadersUtils.bold(actual_header)}' with value '#{actual_value}' was unexpected."
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
report(text, failed, icon)
|
data/lib/version.rb
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
module HttpHeadersVerifier
|
|
2
|
-
VERSION = "0.0.
|
|
3
|
-
end
|
|
2
|
+
VERSION = "0.0.9"
|
|
3
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: http-headers-verifier
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Avner Cohen
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-08-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -122,7 +122,7 @@ metadata:
|
|
|
122
122
|
homepage_uri: https://github.com/AvnerCohen/http-headers-verifier
|
|
123
123
|
source_code_uri: https://github.com/AvnerCohen/http-headers-verifier
|
|
124
124
|
bug_tracker_uri: https://github.com/AvnerCohen/http-headers-verifier/issues
|
|
125
|
-
post_install_message:
|
|
125
|
+
post_install_message:
|
|
126
126
|
rdoc_options: []
|
|
127
127
|
require_paths:
|
|
128
128
|
- lib
|
|
@@ -137,8 +137,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
138
|
version: '0'
|
|
139
139
|
requirements: []
|
|
140
|
-
rubygems_version: 3.
|
|
141
|
-
signing_key:
|
|
140
|
+
rubygems_version: 3.1.4
|
|
141
|
+
signing_key:
|
|
142
142
|
specification_version: 4
|
|
143
143
|
summary: Verify a pre-defined HTTP headers configurations.
|
|
144
144
|
test_files: []
|