shields/services/security-headers/security-headers.service.js
Paul Melnikow 33a6c5398d Fix an undefined variable in [GithubPackageJson] (#4113)
* Fix an undefined variable in [GithubPackageJson]

Make sure this gets linted in the future.

* Run prettier
2019-10-02 21:26:12 +00:00


'use strict'
const Joi = require('@hapi/joi')
const { optionalUrl } = require('../validators')
const { BaseService, NotFound } = require('..')
// Query-string contract for this badge: exactly one mandatory `url` parameter.
// The value is supplied by whoever requests the badge and is forwarded to
// securityheaders.com by handle(), so this schema is the only input validation
// visible in this file.
// NOTE(review): what `optionalUrl` accepts (schemes, hosts, length) is defined
// in ../validators and is not visible here; confirm it is strict enough.
const queryParamSchema = Joi.object({ url: optionalUrl.required() }).required()
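// HTML fragment attached to the badge example as its documentation.
// The second paragraph's tags were inverted in the original (`</p>` ... `<p>`),
// which left the markup unbalanced; they now open and close in order.
// The second paragraph describes the scan options that handle() sends
// (`hide` and `followRedirects`).
const documentation = `
<p>
The <a href="https://securityheaders.com/">Security Headers</a>
provide an easy mechanism to analyze HTTP response headers and
give information on how to deploy missing headers.
</p>
<p>
The scan result will be hidden from the public result list and follow redirects will be on too.
</p>
`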
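/**
 * Badge service that reports the grade securityheaders.com assigns to a URL.
 *
 * The target URL is taken from the badge request's query string and passed on
 * to securityheaders.com; the grade is read from that site's `x-grade`
 * response header.
 */
module.exports = class SecurityHeaders extends BaseService {
  /** Category under which this badge is listed. */
  static get category() {
    return 'monitoring'
  }

  /** Route definition: fixed path `security-headers`, validated by `queryParamSchema`. */
  static get route() {
    return {
      base: '',
      pattern: 'security-headers',
      queryParamSchema,
    }
  }

  /** Example entry with a static preview rendered for grade `A+`. */
  static get examples() {
    return [
      {
        title: 'Security Headers',
        namedParams: {},
        queryParams: { url: 'https://shields.io' },
        staticPreview: this.render({
          grade: 'A+',
        }),
        documentation,
      },
    ]
  }

  /** Default badge fields; only the label is fixed. */
  static get defaultBadgeData() {
    return {
      label: 'security headers',
    }
  }

  /**
   * Map a grade to badge fields.
   *
   * @param {object} params
   * @param {string} params.grade - Grade string; in handle() this is the raw
   *   `x-grade` header value from the remote response.
   * @returns {{message: string, color: (string|undefined)}} The grade as the
   *   message, and its colour when the grade is one of the known keys,
   *   otherwise `undefined`.
   */
  static render({ grade }) {
    const colorMap = {
      'A+': 'brightgreen',
      A: 'green',
      B: 'yellow',
      C: 'yellow',
      D: 'orange',
      E: 'orange',
      F: 'red',
    }

    // `grade` originates from a remote response header. A bare `colorMap[grade]`
    // also resolves inherited keys such as `constructor` or `toString`, which
    // would put a function into `color`. Restrict the lookup to own keys so
    // an unexpected grade yields `undefined`, as an unknown grade did before.
    const isKnownGrade = Object.prototype.hasOwnProperty.call(colorMap, grade)

    return {
      message: grade,
      color: isKnownGrade ? colorMap[grade] : undefined,
    }
  }

  /**
   * Request a scan of `url` from securityheaders.com and render its grade.
   *
   * @param {object} namedParams - Unused; the route has no named parameters.
   * @param {object} queryParams
   * @param {string} queryParams.url - Caller-supplied URL to be graded.
   * @returns {Promise<object>} Badge fields produced by `render`.
   * @throws {NotFound} When the response carries no `x-grade` header.
   */
  async handle(namedParams, { url }) {
    // The request always goes to the fixed securityheaders.com host; the
    // caller's URL travels only as the `q` query parameter, so the third
    // party, not this service, fetches it. HEAD is used because only the
    // response headers are read.
    // NOTE(review): each badge request triggers a scan of an arbitrary
    // caller-chosen URL at the third party; confirm caching/rate limiting
    // upstream of this handler (`_request` is not defined in this file).
    const { res } = await this._request({
      url: `https://securityheaders.com`,
      options: {
        method: 'HEAD',
        qs: {
          q: url,
          // Keep the scan out of the site's public result list.
          hide: 'on',
          followRedirects: 'on',
        },
      },
    })

    const grade = res.headers['x-grade']

    // No grade header: report the badge as unavailable.
    if (!grade) {
      throw new NotFound({ prettyMessage: 'not available' })
    }

    return this.constructor.render({ grade })
  }
}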