Class: SiteInspector::Endpoint::Headers

Inherits:

Check

• Object
• Check
• SiteInspector::Endpoint::Headers

Defined in:

lib/site-inspector/checks/headers.rb

Instance Attribute Summary

Attributes inherited from Check

#endpoint

Instance Method Summary

• #[](header) ⇒ Object
• #all ⇒ Object (also: #headers)

  Returns an array of hashes of downcased key/value header pairs (or an empty hash).

• #click_jacking_protection ⇒ Object
• #click_jacking_protection? ⇒ Boolean
• #content_security_policy ⇒ Object
• #content_security_policy? ⇒ Boolean
• #server ⇒ Object
• #strict_transport_security ⇒ Object

  TODO: kill this.

• #strict_transport_security? ⇒ Boolean

  TODO: kill this.

• #to_h ⇒ Object
• #xss_protection ⇒ Object
• #xss_protection? ⇒ Boolean

  more specific checks than presence of headers.

Methods inherited from Check

enabled=, enabled?, #host, #initialize, #inspect, #name, name, #request, #response

Constructor Details

This class inherits a constructor from SiteInspector::Endpoint::Check

Instance Method Details

#[](header) ⇒ Object

# File 'lib/site-inspector/checks/headers.rb', line 53

def [](header)
  headers[header]
end

#all ⇒ Object Also known as: headers

Returns an array of hashes of downcased key/value header pairs (or an empty hash)

# File 'lib/site-inspector/checks/headers.rb', line 48

def all
  @all ||= response&.headers ? response.headers.transform_keys(&:downcase) : {}
end

#click_jacking_protection ⇒ Object

# File 'lib/site-inspector/checks/headers.rb', line 30

def click_jacking_protection
  headers['x-frame-options']
end

#click_jacking_protection? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/site-inspector/checks/headers.rb', line 15

def click_jacking_protection?
  !!click_jacking_protection
end

#content_security_policy ⇒ Object

# File 'lib/site-inspector/checks/headers.rb', line 26

def content_security_policy
  headers['content-security-policy']
end

#content_security_policy? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/site-inspector/checks/headers.rb', line 11

def content_security_policy?
  !!content_security_policy
end

#server ⇒ Object

# File 'lib/site-inspector/checks/headers.rb', line 34

def server
  headers['server']
end

#strict_transport_security ⇒ Object

TODO: kill this

# File 'lib/site-inspector/checks/headers.rb', line 22

def strict_transport_security
  headers['strict-transport-security']
end

#strict_transport_security? ⇒ Boolean

TODO: kill this

Returns:

• (Boolean)

# File 'lib/site-inspector/checks/headers.rb', line 7

def strict_transport_security?
  !!strict_transport_security
end

#to_h ⇒ Object

# File 'lib/site-inspector/checks/headers.rb', line 57

def to_h
  {
    strict_transport_security: strict_transport_security || false,
    content_security_policy: content_security_policy || false,
    click_jacking_protection: click_jacking_protection || false,
    server: server,
    xss_protection: xss_protection || false
  }
end

#xss_protection ⇒ Object

# File 'lib/site-inspector/checks/headers.rb', line 38

def xss_protection
  headers['x-xss-protection']
end

#xss_protection? ⇒ Boolean

more specific checks than presence of headers

Returns:

• (Boolean)

# File 'lib/site-inspector/checks/headers.rb', line 43

def xss_protection?
  xss_protection == '1; mode=block'
end