http-headers-verifier 0.0.3 → 0.0.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/Gemfile.lock +1 -1
- data/README.md +2 -1
- data/exe/http-headers-verifier.rb +8 -3
- data/lib/http_headers_validations.rb +3 -3
- data/lib/version.rb +2 -2
- metadata +6 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ae2ccdc95caaa32434a2e795b94d77733d3600f019a31ecb535bc43f087768b3
|
4
|
+
data.tar.gz: bf3a421e67d247af467cc49fa0c47a4c461049c517fd8b3a5910af883bd087a4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e8e56e998e250f0a118301b173edd2149f69e04cc0a1174441fb5f07fd0a49e311f549a9c868b82a64dc142db3f9860d71d82c613d76819afb8c1ccef237f65e
|
7
|
+
data.tar.gz: 4a8794b0b67212ede493b7b33f31123b04185ee1f8cb824cd7fc17cd97e4f6782cfca264109bc9bf574e77113ef705d3b8afdb3044595e42ecdebe7b30bd1db3
|
data/.gitignore
CHANGED
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
# Http Headers Verifier
|
2
2
|
|
3
3
|
[![Gem Version](https://badge.fury.io/rb/http-headers-verifier.svg)](https://badge.fury.io/rb/http-headers-verifier)
|
4
|
+
[![Build Status](https://travis-ci.org/AvnerCohen/http-headers-verifier.svg?branch=master)](https://travis-ci.org/AvnerCohen/http-headers-verifier)
|
4
5
|
|
5
6
|
Verify a pre-defined HTTP headers configurations.
|
6
7
|
Unlike some other similar projects, this is not meant to enforce best practices, instead it is meant to define policies on top of headers and enforce them.
|
@@ -98,4 +99,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
|
|
98
99
|
|
99
100
|
## Code of Conduct
|
100
101
|
|
101
|
-
Everyone interacting in the Http
|
102
|
+
Everyone interacting in the `Http Headers Verifier` project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/http-headers-verifier/blob/master/CODE_OF_CONDUCT.md).
|
@@ -15,14 +15,16 @@ if ARGV.length != 3 && ARGV.length != 2
|
|
15
15
|
exit 2
|
16
16
|
end
|
17
17
|
|
18
|
-
policy_arg, url, verbose = ARGV
|
18
|
+
policy_arg, @url, verbose = ARGV
|
19
19
|
@policies = policy_arg.split(',')
|
20
20
|
|
21
21
|
HttpHeadersUtils.verbose = !verbose.nil?
|
22
22
|
|
23
|
-
|
23
|
+
request_results = Typhoeus.get(@url, timeout: HTTP_TIMEOUT_IN_SECONDS, followlocation: true)
|
24
|
+
actual_headers = request_results.headers
|
24
25
|
|
25
26
|
def verify_headers!(actual_headers, rules)
|
27
|
+
puts "Testing url: #{@url}"
|
26
28
|
puts "Starting verification of policies #{HttpHeadersUtils.bold(@policies.join(", "))}:"
|
27
29
|
errors = []
|
28
30
|
checked_already = Set.new
|
@@ -79,7 +81,10 @@ def read_policies!(policy_files_names)
|
|
79
81
|
end
|
80
82
|
|
81
83
|
|
82
|
-
if
|
84
|
+
if request_results.return_code != :ok
|
85
|
+
puts "🤕 Request to url #{@url} failed - #{request_results.return_code}, bailing out. "
|
86
|
+
exit 0
|
87
|
+
elsif verify_headers!(actual_headers, read_policies!(@policies))
|
83
88
|
puts "😎 Success !"
|
84
89
|
exit 0
|
85
90
|
else
|
@@ -9,13 +9,13 @@ module HttpHeadersValidations
|
|
9
9
|
end
|
10
10
|
|
11
11
|
def self.assert_expected_header(expected_header, expected_value, actual_value)
|
12
|
-
if (expected_value.is_a?(Regexp) && actual_value.match?(expected_value)) ||
|
12
|
+
if (!actual_value.nil? && expected_value.is_a?(Regexp) && actual_value.match?(expected_value)) ||
|
13
13
|
(expected_value.to_s == actual_value.to_s)
|
14
14
|
failed = false
|
15
15
|
text = "Expected Header '#{expected_header}' matched!"
|
16
16
|
else
|
17
17
|
failed = true
|
18
|
-
text = "Expected Header '#{HttpHeadersUtils.bold(expected_header)}' failed! '#{expected_value}' was '#{actual_value}'."
|
18
|
+
text = "Expected Header '#{HttpHeadersUtils.bold(expected_header)}' failed! '#{expected_value}' #{HttpHeadersUtils.bold('was')} '#{actual_value}'."
|
19
19
|
end
|
20
20
|
icon = failed ? "🛑" : "🍏"
|
21
21
|
|
@@ -37,7 +37,7 @@ module HttpHeadersValidations
|
|
37
37
|
else
|
38
38
|
icon = "⚠️"
|
39
39
|
failed = false
|
40
|
-
text = "Warning: Extra Header '#{HttpHeadersUtils.bold(actual_header)}' with value '#{actual_value}'
|
40
|
+
text = "Warning: Extra Header '#{HttpHeadersUtils.bold(actual_header)}' with value '#{actual_value}' was unexpected."
|
41
41
|
end
|
42
42
|
|
43
43
|
report(text, failed, icon)
|
data/lib/version.rb
CHANGED
@@ -1,3 +1,3 @@
|
|
1
1
|
module HttpHeadersVerifier
|
2
|
-
VERSION = "0.0.
|
3
|
-
end
|
2
|
+
VERSION = "0.0.9"
|
3
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: http-headers-verifier
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.9
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Avner Cohen
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-08-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -122,7 +122,7 @@ metadata:
|
|
122
122
|
homepage_uri: https://github.com/AvnerCohen/http-headers-verifier
|
123
123
|
source_code_uri: https://github.com/AvnerCohen/http-headers-verifier
|
124
124
|
bug_tracker_uri: https://github.com/AvnerCohen/http-headers-verifier/issues
|
125
|
-
post_install_message:
|
125
|
+
post_install_message:
|
126
126
|
rdoc_options: []
|
127
127
|
require_paths:
|
128
128
|
- lib
|
@@ -137,8 +137,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
137
137
|
- !ruby/object:Gem::Version
|
138
138
|
version: '0'
|
139
139
|
requirements: []
|
140
|
-
rubygems_version: 3.
|
141
|
-
signing_key:
|
140
|
+
rubygems_version: 3.1.4
|
141
|
+
signing_key:
|
142
142
|
specification_version: 4
|
143
143
|
summary: Verify a pre-defined HTTP headers configurations.
|
144
144
|
test_files: []
|