RubyGems - site-inspector - Versions diffs - 1.0.2 → 3.2.0 - Mend

site-inspector 1.0.2 → 3.2.0

Files changed (61) hide show

checksums.yaml +5 -5
data/.gitignore +8 -0
data/.rubocop.yml +42 -0
data/.rubocop_todo.yml +139 -0
data/.ruby-version +1 -0
data/.travis.yml +9 -0
data/Gemfile +7 -0
data/Guardfile +10 -0
data/README.md +189 -0
data/Rakefile +10 -0
data/bin/site-inspector +50 -22
data/lib/cliver/dependency_ext.rb +24 -0
data/lib/site-inspector.rb +62 -615
data/lib/site-inspector/cache.rb +10 -51
data/lib/site-inspector/checks/accessibility.rb +135 -0
data/lib/site-inspector/checks/check.rb +54 -0
data/lib/site-inspector/checks/content.rb +85 -0
data/lib/site-inspector/checks/cookies.rb +45 -0
data/lib/site-inspector/checks/dns.rb +138 -0
data/lib/site-inspector/checks/headers.rb +68 -0
data/lib/site-inspector/checks/hsts.rb +81 -0
data/lib/site-inspector/checks/https.rb +40 -0
data/lib/site-inspector/checks/sniffer.rb +67 -0
data/lib/site-inspector/checks/wappalyzer.rb +62 -0
data/lib/site-inspector/checks/whois.rb +36 -0
data/lib/site-inspector/disk_cache.rb +42 -0
data/lib/site-inspector/domain.rb +271 -0
data/lib/site-inspector/endpoint.rb +217 -0
data/lib/site-inspector/rails_cache.rb +13 -0
data/lib/site-inspector/version.rb +5 -0
data/package-lock.json +505 -0
data/package.json +23 -0
data/script/bootstrap +2 -0
data/script/cibuild +11 -0
data/script/console +3 -0
data/script/pa11y-version +10 -0
data/script/release +38 -0
data/site-inspector.gemspec +42 -0
data/spec/checks/site_inspector_endpoint_accessibility_spec.rb +84 -0
data/spec/checks/site_inspector_endpoint_check_spec.rb +42 -0
data/spec/checks/site_inspector_endpoint_content_spec.rb +117 -0
data/spec/checks/site_inspector_endpoint_cookies_spec.rb +73 -0
data/spec/checks/site_inspector_endpoint_dns_spec.rb +184 -0
data/spec/checks/site_inspector_endpoint_headers_spec.rb +65 -0
data/spec/checks/site_inspector_endpoint_hsts_spec.rb +92 -0
data/spec/checks/site_inspector_endpoint_https_spec.rb +49 -0
data/spec/checks/site_inspector_endpoint_sniffer_spec.rb +150 -0
data/spec/checks/site_inspector_endpoint_wappalyzer_spec.rb +34 -0
data/spec/checks/site_inspector_endpoint_whois_spec.rb +26 -0
data/spec/fixtures/wappalyzer.json +125 -0
data/spec/site_inspector_cache_spec.rb +15 -0
data/spec/site_inspector_disk_cache_spec.rb +39 -0
data/spec/site_inspector_domain_spec.rb +271 -0
data/spec/site_inspector_endpoint_spec.rb +252 -0
data/spec/site_inspector_spec.rb +48 -0
data/spec/spec_helper.rb +19 -0
metadata +204 -63
data/lib/site-inspector/compliance.rb +0 -19
data/lib/site-inspector/dns.rb +0 -92
data/lib/site-inspector/headers.rb +0 -59
data/lib/site-inspector/sniffer.rb +0 -26

data/lib/site-inspector/compliance.rb DELETED

@@ -1,19 +0,0 @@
-class SiteInspector
-  def path_exists?(path)
-    url = URI.join uri, path
-    Typhoeus::Request.get(url, followlocation: true, timeout: 10).success?
-  end
-  def slash_data?
-    @slash_data ||= path_exists?("/data")
-  end
-  def slash_developer?
-    @slash_developer ||= (path_exists?("/developer") || path_exists?("/developers"))
-  end
-  def data_dot_json?
-    @data_dot_json ||= path_exists?("/data.json")
-  end
-end

data/lib/site-inspector/dns.rb DELETED

@@ -1,92 +0,0 @@
-class SiteInspector
-  def resolver
-    require "dnsruby"
-    @resolver ||= begin
-      resolver = Dnsruby::Resolver.new
-      resolver.config.nameserver = ["8.8.8.8", "8.8.4.4"]
-      resolver
-    end
-  end
-  def query(type="ANY")
-    resolver.query(domain.to_s, type).answer
-  rescue
-    []
-  end
-  def dns
-    @dns ||= query
-  end
-  def has_record?(type)
-    dns.any? { |record| record.type == type } || query(type).count != 0
-  end
-  def dnssec?
-    @dnssec ||= has_record? "DNSKEY"
-  end
-  def ipv6?
-    @ipv6 ||= has_record? "AAAA"
-  end
-  def detect_by_hostname(type)
-    haystack = SiteInspector.load_data(type)
-    needle = haystack.find { |name, domain|
-      cnames.any? { |cname|
-        domain == cname.tld || domain == "#{cname.sld}.#{cname.tld}"
-      }
-    }
-    return needle[0] if needle
-    return false unless hostname
-    needle = haystack.find { |name, domain|
-      domain == hostname.tld || domain == "#{hostname.sld}.#{hostname.tld}"
-    }
-    needle ? needle[0] : false
-  end
-  def cdn
-    detect_by_hostname "cdn"
-  end
-  def cdn?
-    !!cdn
-  end
-  def cloud_provider
-    detect_by_hostname "cloud"
-  end
-  def cloud?
-    !!cloud_provider
-  end
-  def google_apps?
-    @google ||= dns.any? do |record|
-      record.type == "MX" && record.exchange =~ /google(mail)?\.com\.?$/
-    end
-  end
-  def ip
-    require 'resolv'
-    @ip ||= Resolv.getaddress domain.to_s
-  rescue Resolv::ResolvError
-    nil
-  end
-  def hostname
-    require 'resolv'
-    @hostname ||= PublicSuffix.parse(Resolv.getname(ip))
-  rescue Exception => e
-    nil
-  end
-  def cnames
-    @cnames ||= dns.select {|record| record.type == "CNAME" }.map { |record| PublicSuffix.parse(record.cname.to_s) }
-  end
-end

data/lib/site-inspector/headers.rb DELETED

@@ -1,59 +0,0 @@
-class SiteInspector
-  # cookies can have multiple set-cookie headers, so this detects
-  # whether cookies are set, but not all their values.
-  def has_cookies?
-    !!headers["set-cookie"]
-  end
-  def strict_transport_security?
-    !!strict_transport_security
-  end
-  def content_security_policy?
-    !!content_security_policy
-  end
-  def click_jacking_protection?
-    !!click_jacking_protection
-  end
-  # return the found header value
-  def strict_transport_security
-    headers["strict-transport-security"]
-  end
-  def content_security_policy
-    headers["content-security-policy"]
-  end
-  def click_jacking_protection
-    headers["x-frame-options"]
-  end
-  def server
-    headers["server"]
-  end
-  def xss_protection
-    headers["x-xss-protection"]
-  end
-  # more specific checks than presence of headers
-  def xss_protection?
-    xss_protection == "1; mode=block"
-  end
-  def secure_cookies?
-    return false if !has_cookies?
-    cookie = headers["set-cookie"]
-    cookie = cookie.first if cookie.is_a?(Array)
-    !!(cookie =~ /(; secure.*; httponly|; httponly.*; secure)/i)
-  end
-  # Returns an array of hashes of downcased key/value header pairs (or an empty hash)
-  def headers
-    @headers ||= response ? Hash[response.headers.map{ |k,v| [k.downcase,v] }] : {}
-  end
-end

data/lib/site-inspector/sniffer.rb DELETED

@@ -1,26 +0,0 @@
-class SiteInspector
-  def sniff(type)
-    require 'sniffles'
-    results = Sniffles.sniff(body, type).select { |name, meta| meta[:found] == true }
-    results.each { |name, result| result.delete :found} if results
-    results
-  rescue
-    nil
-  end
-  def cms
-    sniff :cms
-  end
-  def analytics
-    sniff :analytics
-  end
-  def javascript
-    sniff :javascript
-  end
-  def advertising
-    sniff :advertising
-  end
-end