site-inspector 0.1.2 → 1.0.0

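--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 7ba79a277c6611844c2628263b41f8953274bd7a
- data.tar.gz: bf7e16d237c56018c62977ea0c4aed2df751b83b
+ metadata.gz: 4942c0885c9e08824ecde08d6b29864ef028f94f
+ data.tar.gz: 95b45f2c948946eca91f1d37c46b9c868afb6aa3
  SHA512:
- metadata.gz: ff18940993447863687a4c0fb5815f753f8cc6d176df67d005f46d30758cfac4e446c099e058544faf6e792a1c378f9c36526e66212c97910039f109a022b9b2
- data.tar.gz: f756567dc72bff09822b3d9da45d85d9143ff8eeb5bc86a60ca091da29a286a4ce6d06c35154bfc02010154da0950d5255dc9865917abcbdd6a00847639e83ee
+ metadata.gz: 5a953be1f1a17923acfd4b1565ca3ceca28a0b06dc64bf4e9caa9308865496134de31fcde53b1562263dd77ebf7c3aabba3c421ee965040f08d145e2a344093e
+ data.tar.gz: 7e9af2ba7bc62fb0bc4895acb5d99c500673cbb664ba457cd7f00d9a5c90102fbb16bba960fff7d3df6ffa62b0c61312f418058e008e96df8bbc77ae6b25418a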
@@ -0,0 +1,15 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require_relative "../lib/site-inspector"
4
+ require "json"
5
+
6
+ domain = ARGV[0]
7
+
8
+ if domain.to_s.empty?
9
+ puts "Usage: site-inspector [DOMAIN]"
10
+ exit 1
11
+ end
12
+
13
+ details = SiteInspector.new(domain).to_hash
14
+
15
+ puts JSON.pretty_generate(details)
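Review bot: Nothing around `SiteInspector.new(domain).to_hash` handles failure, so a lookup or connection error for the supplied domain would presumably surface as a raw Ruby backtrace rather than a clean non-zero exit; it is worth confirming what the library raises and rescuing it in this script. The usage text is printed with `puts`, which sends it to stdout where a consumer piping the JSON would read it as output; `warn "Usage: site-inspector [DOMAIN]"` keeps stdout for the JSON only. Arguments after the first are silently ignored, which deserves a one-line comment or an explicit check.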
@@ -15,7 +15,7 @@ class SiteInspector
15
15
  end
16
16
 
17
17
  def dnssec?
18
- @dnssec ||= dns.any? { |record| record.type == "DNSKEY" }
18
+ @dnssec ||= query("DNSKEY").count != 0
19
19
  end
20
20
 
21
21
  def ipv6?
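Review bot: `@dnssec ||= query("DNSKEY").count != 0` does not memoize a negative result, because `||=` reassigns whenever `@dnssec` is `false`, so each call to `dnssec?` on a domain without DNSKEY records repeats the DNS query. Putting `return @dnssec if defined?(@dnssec)` first and then assigning with plain `@dnssec = query("DNSKEY").count != 0` caches both outcomes. The method also deserves a comment saying that a DNSKEY answer only shows the zone publishes keys; nothing here checks for a DS record at the parent or validates signatures, so `true` is weaker than "DNSSEC is correctly deployed".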
@@ -1,8 +1,9 @@
1
1
  class SiteInspector
2
2
 
3
- # the ? versions could maybe just be dropped
3
+ # cookies can have multiple set-cookie headers, so this detects
4
+ # whether cookies are set, but not all their values.
4
5
  def has_cookies?
5
- !!has_cookies
6
+ !!headers["set-cookie"]
6
7
  end
7
8
 
8
9
  def strict_transport_security?
@@ -19,28 +20,24 @@ class SiteInspector
19
20
 
20
21
  # return the found header value
21
22
 
22
- def has_cookies
23
- header_from("Set-Cookie")
24
- end
25
-
26
23
  def strict_transport_security
27
- header_from("Strict-Transport-Security")
24
+ headers["strict-transport-security"]
28
25
  end
29
26
 
30
27
  def content_security_policy
31
- header_from("Content-Security-Policy")
28
+ headers["content-security-policy"]
32
29
  end
33
30
 
34
31
  def click_jacking_protection
35
- header_from("X-Frame-Options")
32
+ headers["x-frame-options"]
36
33
  end
37
34
 
38
35
  def server
39
- header_from("Server")
36
+ headers["server"]
40
37
  end
41
38
 
42
39
  def xss_protection
43
- header_from("X-XSS-Protection")
40
+ headers["x-xss-protection"]
44
41
  end
45
42
 
46
43
  # more specific checks than presence of headers
@@ -49,19 +46,14 @@ class SiteInspector
49
46
  end
50
47
 
51
48
  def secure_cookies?
52
- return nil if !response || !has_cookies?
53
- cookie = header_from("Set-Cookie")
49
+ return nil if !has_cookies?
50
+ cookie = headers["set-cookie"]
54
51
  cookie = cookie.first if cookie.is_a?(Array)
55
- marked_secure = !!(cookie.downcase =~ /secure/)
56
- marked_http_only = !!(cookie.downcase =~ /httponly/)
57
- marked_secure and marked_http_only
52
+ !!(cookie =~ /(; secure.*; httponly|; httponly.*; secure)/i)
58
53
  end
59
54
 
60
- # helper function: case-insensitive sweep for header, return value
61
- def header_from(header)
62
- return nil unless response
63
-
64
- the_header = response.headers.keys.find {|h| h.downcase =~ /^#{header.downcase}/}
65
- response.headers[the_header]
55
+ # Returns an array of hashes of downcased key/value header pairs (or nil)
56
+ def headers
57
+ @headers ||= Hash[response.headers.map{ |k,v| [k.downcase,v] }] if response
66
58
  end
67
59
  end
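Review bot: `headers` returns nil when `response` is nil (its own comment says "or nil"), yet the readers in these hunks now index it directly (`headers["set-cookie"]`, `headers["server"]`, and so on), so they would raise NoMethodError where the removed `header_from` returned nil; `secure_cookies?` also lost its `!response` guard. Returning an empty hash keeps the old contract: `@headers ||= response ? Hash[response.headers.map { |k, v| [k.downcase, v] }] : {}`. The comment above `headers` should say it returns a single Hash of downcased header names to values, not an array of hashes. In `secure_cookies?`, the new pattern only matches attributes preceded by `; ` and only the first Set-Cookie value is examined, so `;Secure;HttpOnly` is reported as not secure and later cookies are never checked; a comment stating that limit would keep readers from over-trusting the result.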
@@ -124,10 +124,10 @@ class SiteInspector
124
124
  end
125
125
 
126
126
  def to_json
127
- as_json.to_json
127
+ to_hash.to_json
128
128
  end
129
129
 
130
- def as_json
130
+ def to_hash
131
131
  {
132
132
  :domain => domain.to_s,
133
133
  :uri => uri.to_s,
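--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: site-inspector
  version: !ruby/object:Gem::Version
- version: 0.1.2
+ version: 1.0.0
  platform: ruby
  authors:
  - Ben Balter
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-12-03 00:00:00.000000000 Z
+ date: 2015-02-06 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: nokogiri
@@ -222,11 +222,13 @@ dependencies:
  version: '1.0'
  description: Returns information about a domain's technology and capabilities
  email: ben@balter.com
- executables: []
+ executables:
+ - site-inspector
  extensions: []
  extra_rdoc_files: []
  files:
  - LICENSE
+ - bin/site-inspector
  - lib/data/cdn.yml
  - lib/data/cloud.yml
  - lib/site-inspector.rb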