jab2870
/
Dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

BIN: analyse-headers: fix most shellcheck warnings

Browse Source 
The only checks I haven't fixed are the unused variables for colours. I
may use them in the future so haven't removed them
Jonathan Hodgson 3 years ago
parent 6ac052cd39
commit 984298b29b
1 changed files with 38 additions and 24 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 62
      bin/.bin/webtest/analyse-headers

62
bin/.bin/webtest/analyse-headers
Unescape View File

@ -72,8 +72,10 @@ printKey(){
} }
generic_version_disclosure(){ generic_version_disclosure(){
local value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)" local value
local header="$(echo "$1" | cut -d ':' -f 1 | trimWhitespace)" local header
value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)"
header="$(echo "$1" | cut -d ':' -f 1 | trimWhitespace)"
echo "$header" | drawInBox echo "$header" | drawInBox
wecho -e "The server responds with ${ORANGE}$value${NC} in the \ wecho -e "The server responds with ${ORANGE}$value${NC} in the \
$header header" $header header"
@ -82,7 +84,8 @@ $header header"
} }
test_server(){ test_server(){
local value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)" local value
value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)"
echo "Server" | drawInBox echo "Server" | drawInBox
wecho -e "The server responds with ${ORANGE}$value${NC} in the Server header" wecho -e "The server responds with ${ORANGE}$value${NC} in the Server header"
wecho -e "This is potentially un-necesary information disclosure\n\n" wecho -e "This is potentially un-necesary information disclosure\n\n"
@ -90,7 +93,8 @@ test_server(){
} }
test_x-powered-by(){ test_x-powered-by(){
local value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)" local value
value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)"
echo "X-Powered-By" | drawInBox echo "X-Powered-By" | drawInBox
wecho -e "The server responds with ${ORANGE}$value${NC} in the X-Powered-By header" wecho -e "The server responds with ${ORANGE}$value${NC} in the X-Powered-By header"
wecho -e "This is potentially un-necesary information disclosure\n\n" wecho -e "This is potentially un-necesary information disclosure\n\n"
@ -98,7 +102,8 @@ test_x-powered-by(){
} }
test_x-xss-protection(){ test_x-xss-protection(){
local value="$(echo "$1" | cut -d ':' -f 2 | grep -oE '[0-9]+' )" local value
value="$(echo "$1" | cut -d ':' -f 2 | grep -oE '[0-9]+' )"
if [ "$value" = "1" ]; then if [ "$value" = "1" ]; then
return 0 return 0
else else
@ -112,7 +117,8 @@ of old browsers\n\n"
} }
test_x-frame-options(){ test_x-frame-options(){
local value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)" local value
value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)"
case "$value" in case "$value" in
"SAMEORIGIN"|"DENY") return 0 ;; "SAMEORIGIN"|"DENY") return 0 ;;
"ALLOW-FROM"*) "ALLOW-FROM"*)
@ -183,7 +189,8 @@ text-align: center;
#} #}
test_content-security-policy(){ test_content-security-policy(){
local value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)" local value
value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)"
# TODO: work on content security testing # TODO: work on content security testing
if [ -z "$value" ]; then if [ -z "$value" ]; then
@ -211,10 +218,14 @@ DOM based XSS attacks\n\n"
} }
test_strict-transport-security(){ test_strict-transport-security(){
local value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)" local value
local ret=0 local ret
local output="" local output
local maxAge="$(echo "$value" | grep -oE 'max-age=[0-9]+' | local maxAge
value="$(echo "$1" | cut -d ':' -f 2 | trimWhitespace)"
ret=0
output=""
maxAge="$(echo "$value" | grep -oE 'max-age=[0-9]+' |
grep -oE '[0-9]+')" grep -oE '[0-9]+')"
if [ "$maxAge" -lt "31536000" ]; then if [ "$maxAge" -lt "31536000" ]; then
@ -243,10 +254,14 @@ channel.\n\n"
} }
test_set-cookie(){ test_set-cookie(){
local value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)" local value
local cookieName="$(echo "$value" | cut -d '=' -f 1)" local cookieName
local ret=0 local ret
local output="" local output
value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)"
cookieName="$(echo "$value" | cut -d '=' -f 1)"
ret=0
output=""
if ! echo "$value" | grep -q "HttpOnly"; then if ! echo "$value" | grep -q "HttpOnly"; then
echo "$value" echo "$value"
@ -287,7 +302,6 @@ used to allow or disallow certain browser features or apis in the interest of \
security.\n\n" security.\n\n"
return 2 return 2
fi fi
local value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)"
} }
test_feature-policy(){ test_feature-policy(){
@ -306,11 +320,11 @@ header but should still be included for legacy browsers.
It has been highlighted because the Permissions-policy header wasn't found.\n\n" It has been highlighted because the Permissions-policy header wasn't found.\n\n"
return 2 return 2
fi fi
local value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)"
} }
test_expect-ct(){ test_expect-ct(){
local value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)" local value
value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)"
if [ -z "$1" ]; then if [ -z "$1" ]; then
echo "Expect-CT" | drawInBox echo "Expect-CT" | drawInBox
wecho "When a site enables the Expect-CT header, they are requesting \ wecho "When a site enables the Expect-CT header, they are requesting \
@ -334,7 +348,8 @@ expired in June 2021.\n\n"
} }
test_referer-policy-ct(){ test_referer-policy-ct(){
local value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)" local value
value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)"
if [ -z "$1" ]; then if [ -z "$1" ]; then
echo "Referrer-Policy" | drawInBox echo "Referrer-Policy" | drawInBox
wecho "The Referrer-Policy HTTP header controls how much referrer \ wecho "The Referrer-Policy HTTP header controls how much referrer \
@ -394,7 +409,6 @@ done
set -- "${options[@]}" set -- "${options[@]}"
unset options unset options
followRedirect="false"
# Read the options and set stuff # Read the options and set stuff
while [[ $1 = -?* ]]; do while [[ $1 = -?* ]]; do
@ -436,9 +450,9 @@ echo ""
echo "$headers" | sed -n '1p' echo "$headers" | sed -n '1p'
while read line; do while read -r line; do
headerKey="$(echo "$line" | cut -d ':' -f1)" headerKey="$(echo "$line" | cut -d ':' -f1)"
lowercase="$(echo "$headerKey" | tr '[A-Z]' '[a-z]')" lowercase="$(echo "$headerKey" | tr '[:upper:]' '[:lower:]')"
missingHeaders="$(echo -n "$missingHeaders" | sed '/'"$lowercase"'/d')" missingHeaders="$(echo -n "$missingHeaders" | sed '/'"$lowercase"'/d')"
functionName="test_$lowercase" functionName="test_$lowercase"
if declare -f "$functionName" > /dev/null; then if declare -f "$functionName" > /dev/null; then
@ -453,9 +467,9 @@ while read line; do
else else
echo "$line" echo "$line"
fi fi
done<<<$(echo "$headers" | sed '1d') # We don't want the initial http banner done<<<"$(echo "$headers" | sed '1d')" # We don't want the initial http banner
echo "$missingHeaders" | while read line; do echo "$missingHeaders" | while read -r line; do
echo -e "${RED}$line${NC}" echo -e "${RED}$line${NC}"
functionName="test_$line" functionName="test_$line"
"$functionName" >> "$tmpfile" "$functionName" >> "$tmpfile"

Write Preview
Loading…
Cancel
Save