http-headers-verifier 1.0.1 → 1.0.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ruby-rspec.yml +18 -0
  3. data/Gemfile.lock +5 -5
  4. data/LICENSE.txt +1 -1
  5. data/README.md +5 -3
  6. data/exe/http-headers-verifier.rb +11 -10
  7. data/lib/http_headers_validations.rb +11 -11
  8. data/lib/version.rb +1 -1
  9. metadata +7 -7
  10. data/.travis.yml +0 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8402eadfa491beb1ee890ba08d7c8634e3123e7afe641f4c67a6e6e69addc704
4
- data.tar.gz: 44ae5406a60518423958d3d014da79ef5d4f88ae4d5ead52ff75a7ec1db96dd1
3
+ metadata.gz: fd5b20f9dadf31bbedc3763096a3b832f9232f8d847db40ace6ae6544a4cc1f6
4
+ data.tar.gz: e062f36f280fcfbf89cfaec500913bb8cdbda073aac5fc541fd3a55dae6ece06
5
5
  SHA512:
6
- metadata.gz: 1854d83ae3747570eecfb29111eea335e824a80dedbab08d952502b11af88cda5b0ec356c34954c9902a11c28d68edad89ad31106b251eeb128b3d737f3c03a3
7
- data.tar.gz: 431f739312da4d44e001224baf15d7838686ad124819fc6e8d93ac608341beeeb35c267889bff13426dcb4b9e275b0452b9b07fa847517cf88d00e6d9e4fc0de
6
+ metadata.gz: 9511ec3330532ca8cd7073bc9a114f8f161c2c252f3fc0b16abbdc53f0c891cbe09e40b9c8db335a0b76a0e6363131b45f855269e58990464e974fe7c51e7247
7
+ data.tar.gz: 070f1357c8f9516e92353a08188611e03f9c30546d401d54b2fd3805074d721493414bee8d7306223f550c8016a8432d0f0116001ad2a51d8a759fcfe907fcb8
data/.github/workflows/ruby-rspec.yml ADDED
@@ -0,0 +1,18 @@
1
+ name: CI
2
+ on: [push]
3
+ jobs:
4
+ rspec:
5
+ runs-on: [ubuntu-latest]
6
+ strategy:
7
+ matrix:
8
+ ruby: ['3.2', '3.0', '2.7', 'truffleruby-head']
9
+ steps:
10
+ - uses: actions/checkout@v1
11
+ - name: Set up Ruby ${{ matrix.ruby }}
12
+ uses: ruby/setup-ruby@v1
13
+ with:
14
+ ruby-version: ${{ matrix.ruby }}
15
+ - name: Bundle install
16
+ run: bundle install --jobs 4 --retry 3
17
+ - name: Run Rspec
18
+ run: bundle exec rspec
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- http-headers-verifier (1.0.1)
4
+ http-headers-verifier (1.0.2)
5
5
  typhoeus (~> 1.4)
6
6
 
7
7
  GEM
@@ -9,9 +9,9 @@ GEM
9
9
  specs:
10
10
  byebug (9.1.0)
11
11
  diff-lcs (1.4.4)
12
- ethon (0.12.0)
13
- ffi (>= 1.3.0)
14
- ffi (1.13.1)
12
+ ethon (0.15.0)
13
+ ffi (>= 1.15.0)
14
+ ffi (1.15.5)
15
15
  rake (13.0.1)
16
16
  rspec (3.9.0)
17
17
  rspec-core (~> 3.9.0)
@@ -40,4 +40,4 @@ DEPENDENCIES
40
40
  rspec (~> 3.0)
41
41
 
42
42
  BUNDLED WITH
43
- 1.17.2
43
+ 2.1.4
data/LICENSE.txt CHANGED
@@ -1,6 +1,6 @@
1
1
  The MIT License (MIT)
2
2
 
3
- Copyright (c) 2020 Avner Cohen
3
+ Copyright (c) 2022 Avner Cohen
4
4
 
5
5
  Permission is hereby granted, free of charge, to any person obtaining a copy
6
6
  of this software and associated documentation files (the "Software"), to deal
data/README.md CHANGED
@@ -1,7 +1,9 @@
1
1
  # Http Headers Verifier
2
2
 
3
3
  [![Gem Version](https://badge.fury.io/rb/http-headers-verifier.svg)](https://badge.fury.io/rb/http-headers-verifier)
4
- [![Build Status](https://travis-ci.org/AvnerCohen/http-headers-verifier.svg?branch=master)](https://travis-ci.org/AvnerCohen/http-headers-verifier)
4
+ [![Build Status](https://github.com/AvnerCohen/http-headers-verifier/actions/workflows/ruby-rspec.yml/badge.svg)](https://github.com/AvnerCohen/http-headers-verifier/actions)
5
+
6
+
5
7
 
6
8
  Assertation framework for http-headers on top of live endpoints, Verify a pre-defined HTTP headers configurations.
7
9
 
@@ -96,8 +98,8 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/AvnerC
96
98
 
97
99
  ## License
98
100
 
99
- The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
101
+ The gem is available as open source under the terms of the [MIT License](LICENSE.txt).
100
102
 
101
103
  ## Code of Conduct
102
104
 
103
- Everyone interacting in the `Http Headers Verifier` project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/http-headers-verifier/blob/master/CODE_OF_CONDUCT.md).
105
+ Everyone interacting in the `Http Headers Verifier` project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](CODE_OF_CONDUCT.md).
data/exe/http-headers-verifier.rb CHANGED
@@ -9,6 +9,7 @@ require_relative '../lib/http_headers_utils'
9
9
 
10
10
  FILE_NAME_PREFIX = 'headers-rules-'
11
11
  HTTP_TIMEOUT_IN_SECONDS = 3
12
+ SET_COOKIE_NAME = 'set-cookie'
12
13
 
13
14
  if ARGV.length != 3 && ARGV.length != 2
14
15
  puts "usage: http-headers-verifier.rb [comma seperated policy names] [url] [?verbose]"
@@ -33,22 +34,22 @@ def verify_headers!(actual_headers, rules)
33
34
  expected_value = expected_pair[expected_header]
34
35
  actual_value = actual_headers[expected_header]
35
36
  checked_already.add(expected_header.downcase)
36
- epected_header_error = HttpHeadersValidations.assert_expected_header(expected_header, expected_value, actual_value)
37
- errors.push(epected_header_error) unless epected_header_error.nil?
37
+ expected_header_error = HttpHeadersValidations.assert_expected_header(expected_header, expected_value, actual_value)
38
+ errors.push(expected_header_error) unless expected_header_error.nil?
38
39
  end
39
40
 
40
41
  actual_headers.each do |expected_pair|
41
42
  actual_header, actual_value = expected_pair[0]
42
- next if checked_already.include? actual_header
43
- next if actual_header.downcase == 'set-cookie'
43
+ next if checked_already.include? actual_header.downcase
44
+ next if actual_header.downcase == SET_COOKIE_NAME
44
45
  actual_value = actual_headers[actual_header]
45
46
  actual_header_errors = HttpHeadersValidations.assert_extra_header(actual_header, actual_value,
46
47
  rules[:ignored_headers], rules[:headers_to_avoid])
47
48
  errors.push(actual_header_errors) unless actual_header_errors.nil?
48
49
  end
49
50
 
50
- unless actual_headers["set-cookie"].nil?
51
- [actual_headers["set-cookie"]].flatten.each do |cookie_str|
51
+ unless actual_headers[SET_COOKIE_NAME].nil?
52
+ [actual_headers[SET_COOKIE_NAME]].flatten.each do |cookie_str|
52
53
  parsed_cookie = NaiveCookie.new(cookie_str)
53
54
  error_text, failed = HttpHeadersValidations.assert_cookie_value(parsed_cookie, rules[:cookie_attr])
54
55
  errors.push(error_text) if failed
@@ -73,7 +74,7 @@ def read_policies!(policy_files_names)
73
74
  settings[:cookie_attr].merge!(policy_data['cookie_attr']) unless policy_data['cookie_attr'].nil?
74
75
  settings[:headers_to_avoid].push(policy_data['headers_to_avoid']) unless policy_data['headers_to_avoid'].nil?
75
76
  else
76
- puts "💔 Misconfiguration, file #{file_name}, does not exist."
77
+ puts "[FAILED] Misconfiguration, file #{file_name}, does not exist."
77
78
  exit 1
78
79
  end
79
80
 
@@ -88,13 +89,13 @@ end
88
89
 
89
90
 
90
91
  if request_results.return_code != :ok
91
- puts "🤕 Request to url #{@url} failed - #{request_results.return_code}, bailing out. "
92
+ puts "[FAILED] Request to url #{@url} failed - #{request_results.return_code}, bailing out. "
92
93
  exit 0
93
94
  elsif verify_headers!(actual_headers, read_policies!(@policies))
94
- puts "😎 Success !"
95
+ puts "Success !"
95
96
  exit 0
96
97
  else
97
- puts "😱 Failed !"
98
+ puts "Failed !"
98
99
  exit 1
99
100
  end
100
101
 
data/lib/http_headers_validations.rb CHANGED
@@ -2,9 +2,9 @@ require_relative './http_headers_utils'
2
2
 
3
3
  module HttpHeadersValidations
4
4
 
5
- def self.report(text, failed, icon)
5
+ def self.report(text, failed, status)
6
6
  if failed || HttpHeadersUtils.verbose
7
- puts "\t#{icon} #{text}"
7
+ puts "#{status} #{text}"
8
8
  end
9
9
  end
10
10
 
@@ -15,11 +15,11 @@ module HttpHeadersValidations
15
15
  text = "Expected Header '#{expected_header}' matched!"
16
16
  else
17
17
  failed = true
18
- text = "Expected Header '#{HttpHeadersUtils.bold(expected_header)}' failed! '#{expected_value}' #{HttpHeadersUtils.bold('was')} '#{actual_value}'."
18
+ text = "Expected Header '#{HttpHeadersUtils.bold(expected_header)}' failed! \nExpected Value:\n#{expected_value} \nActual Value:\n#{actual_value}."
19
19
  end
20
- icon = failed ? "🛑" : "🍏"
20
+ status = failed ? "[FAILED]" : "[PASSED]"
21
21
 
22
- report(text, failed, icon)
22
+ report(text, failed, status)
23
23
 
24
24
  return text if failed
25
25
  end
@@ -27,20 +27,20 @@ module HttpHeadersValidations
27
27
  def self.assert_extra_header(actual_header, actual_value, ignored_headers, avoid_headers)
28
28
 
29
29
  if avoid_headers.include? actual_header.downcase
30
- icon = "🛑"
30
+ status = "[FAILED]"
31
31
  failed = true
32
32
  text = "Extra Header '#{actual_header}' is not allowed!"
33
33
  elsif ignored_headers.include? actual_header.downcase
34
- icon = "🍏"
34
+ status = "[PASSED]"
35
35
  failed = false
36
36
  text = "Extra Header '#{actual_header}' marked for ignore!"
37
37
  else
38
- icon = "⚠️"
38
+ status = "[WARNING]"
39
39
  failed = false
40
40
  text = "Warning: Extra Header '#{HttpHeadersUtils.bold(actual_header)}' with value '#{actual_value}' was unexpected."
41
41
  end
42
42
 
43
- report(text, failed, icon)
43
+ report(text, failed, status)
44
44
 
45
45
  return text if failed
46
46
  end
@@ -59,9 +59,9 @@ module HttpHeadersValidations
59
59
  failed = true
60
60
  text = "Missing config for cookie '#{HttpHeadersUtils.bold(parsed_cookie.name)}'."
61
61
  end
62
- icon = failed ? "🛑" : "🍏"
62
+ status = failed ? "[FAILED]" : "[PASSED]"
63
63
 
64
- report(text, failed, icon)
64
+ report(text, failed, status)
65
65
  return [text, failed]
66
66
  end
67
67
 
data/lib/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module HttpHeadersVerifier
2
- VERSION = "1.0.1"
2
+ VERSION = "1.0.3"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: http-headers-verifier
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Avner Cohen
8
- autorequire:
8
+ autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-08-25 00:00:00.000000000 Z
11
+ date: 2024-01-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -96,10 +96,10 @@ executables:
96
96
  extensions: []
97
97
  extra_rdoc_files: []
98
98
  files:
99
+ - ".github/workflows/ruby-rspec.yml"
99
100
  - ".gitignore"
100
101
  - ".rspec"
101
102
  - ".tool-versions"
102
- - ".travis.yml"
103
103
  - CODE_OF_CONDUCT.md
104
104
  - Gemfile
105
105
  - Gemfile.lock
@@ -122,7 +122,7 @@ metadata:
122
122
  homepage_uri: https://github.com/AvnerCohen/http-headers-verifier
123
123
  source_code_uri: https://github.com/AvnerCohen/http-headers-verifier
124
124
  bug_tracker_uri: https://github.com/AvnerCohen/http-headers-verifier/issues
125
- post_install_message:
125
+ post_install_message:
126
126
  rdoc_options: []
127
127
  require_paths:
128
128
  - lib
@@ -137,8 +137,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
137
137
  - !ruby/object:Gem::Version
138
138
  version: '0'
139
139
  requirements: []
140
- rubygems_version: 3.1.4
141
- signing_key:
140
+ rubygems_version: 3.1.2
141
+ signing_key:
142
142
  specification_version: 4
143
143
  summary: Verify a pre-defined HTTP headers configurations.
144
144
  test_files: []
data/.travis.yml DELETED
@@ -1,7 +0,0 @@
1
- ---
2
- sudo: false
3
- language: ruby
4
- cache: bundler
5
- rvm:
6
- - 2.6.3
7
- before_install: gem install bundler -v 1.17.2