Class: CMSScanner::Headers

Inherits:

InterestingFinding

• Object
• InterestingFinding
• CMSScanner::Headers

Defined in:

app/models/headers.rb

Overview

Interesting Headers

Instance Attribute Summary

Attributes inherited from InterestingFinding

#to_s, #url

Instance Method Summary

• #entries ⇒ Hash

  The headers.

• #eql?(other) ⇒ Boolean
• #interesting_entries ⇒ Array<String>

  The interesting headers detected.

• #known_headers ⇒ Array<String>

  Downcased known headers.

Methods inherited from InterestingFinding

#==, #initialize

Constructor Details

This class inherits a constructor from CMSScanner::InterestingFinding

Instance Method Details

#entries ⇒ Hash

Returns The headers.

Returns:

• (Hash) —

  The headers

# File 'app/models/headers.rb', line 5

def entries
  res = NS::Browser.get(url)
  return [] unless res && res.headers
  res.headers
end

#eql?(other) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/headers.rb', line 34

def eql?(other)
  super(other) && interesting_entries == other.interesting_entries
end

#interesting_entries ⇒ Array<String>

Returns The interesting headers detected.

Returns:

• (Array<String>) —

  The interesting headers detected

# File 'app/models/headers.rb', line 12

def interesting_entries
  results = []

  entries.each do |header, value|
    next if known_headers.include?(header.downcase)

    results << "#{header}: #{[*value].join(', ')}"
  end
  results
end

#known_headers ⇒ Array<String>

Returns Downcased known headers.

Returns:

• (Array<String>) —

  Downcased known headers

# File 'app/models/headers.rb', line 24

def known_headers
  %w(
    age accept-ranges cache-control content-type content-length connection date etag expires
    keep-alive location last-modified link pragma set-cookie strict-transport-security
    transfer-encoding vary x-cache x-content-security-policy x-content-type-options
    x-frame-options x-language x-permitted-cross-domain-policies x-pingback x-varnish
    x-webkit-csp x-xss-protection
  )
end