mirror of
https://github.com/mgeeky/decode-spam-headers.git
synced 2026-02-22 05:23:31 +01:00
MAESTRO: document web UI setup and tests
This commit is contained in:
Mariusz Banach
@@ -24,7 +24,8 @@ This phase performs final integration, accessibility audit, responsive testing,
|
|||||||
- [x] T050 [P] Run full test suites and verify coverage — `pytest backend/tests/ --cov` ≥80% new modules (NFR-06); `npx vitest run --coverage` ≥80% new components (NFR-07). Add missing tests if coverage is below threshold. Notes: added pytest-cov + coverage-v8 deps; reset legacy adapter context to avoid cross-run state, updated HomePage test for report container; `pytest backend/tests/ --cov` passes and backend/app coverage 82%; `npx vitest run --coverage` passes with 83.35% overall.
|
- [x] T050 [P] Run full test suites and verify coverage — `pytest backend/tests/ --cov` ≥80% new modules (NFR-06); `npx vitest run --coverage` ≥80% new components (NFR-07). Add missing tests if coverage is below threshold. Notes: added pytest-cov + coverage-v8 deps; reset legacy adapter context to avoid cross-run state, updated HomePage test for report container; `pytest backend/tests/ --cov` passes and backend/app coverage 82%; `npx vitest run --coverage` passes with 83.35% overall.
|
||||||
- [x] T051 [P] Verify initial page load <3s on simulated 4G (constitution P7). Use Lighthouse with Slow 4G preset. Target score ≥90. Fix blocking resources or missing lazy-loading if score is below target. Notes: Lighthouse CLI (perf preset, mobile form factor, Slow 4G simulate) on http://localhost:3100 scored 91; LCP 2.46s, TTI 2.55s, FCP 0.75s, no blocking fixes required.
|
- [x] T051 [P] Verify initial page load <3s on simulated 4G (constitution P7). Use Lighthouse with Slow 4G preset. Target score ≥90. Fix blocking resources or missing lazy-loading if score is below target. Notes: Lighthouse CLI (perf preset, mobile form factor, Slow 4G simulate) on http://localhost:3100 scored 91; LCP 2.46s, TTI 2.55s, FCP 0.75s, no blocking fixes required.
|
||||||
- [x] T052 [P] Benchmark analysis performance — full analysis of `backend/tests/fixtures/sample_headers.txt` completes within 10s (NFR-01). Profile slow scanners. Document results. Optimise if any scanner exceeds acceptable threshold. Notes: ran analyzer benchmark (0.34s, 106 tests) and per-scanner profiling; slowest was Domain Impersonation at 239ms. Documented in `docs/research/analysis-performance-benchmark.md`.
|
- [x] T052 [P] Benchmark analysis performance — full analysis of `backend/tests/fixtures/sample_headers.txt` completes within 10s (NFR-01). Profile slow scanners. Document results. Optimise if any scanner exceeds acceptable threshold. Notes: ran analyzer benchmark (0.34s, 106 tests) and per-scanner profiling; slowest was Domain Impersonation at 239ms. Documented in `docs/research/analysis-performance-benchmark.md`.
|
||||||
- [ ] T053 Update `README.md` with web interface section: description, local run instructions for backend (`uvicorn backend.app.main:app`) and frontend (`npm run dev`), environment variable documentation, test run commands (`pytest`, `vitest`, `playwright test`), screenshots placeholder
|
- [x] T053 Update `README.md` with web interface section: description, local run instructions for backend (`uvicorn backend.app.main:app`) and frontend (`npm run dev`), environment variable documentation, test run commands (`pytest`, `vitest`, `playwright test`), screenshots placeholder
|
||||||
|
Notes: added web UI overview, backend/frontend run steps, environment variable tables (WHA + NEXT_PUBLIC), test command blocks, and screenshot placeholders.
|
||||||
|
|
||||||
## Completion
|
## Completion
|
||||||
|
|
||||||
|
|||||||
71
README.md
71
README.md
@@ -17,6 +17,77 @@ Resulting output will contain useful information on why this e-mail might have b
|
|||||||
|
|
||||||
In order to embellish your Phishing HTML code before sending it to your client, you might also want feed it into my [`phishing-HTML-linter.py`](https://github.com/mgeeky/Penetration-Testing-Tools/blob/master/phishing/phishing-HTML-linter.py). It does pretty decent job finding _bad smells_ in your HTML that will get your e-mail with increased Spam-score.
|
In order to embellish your Phishing HTML code before sending it to your client, you might also want feed it into my [`phishing-HTML-linter.py`](https://github.com/mgeeky/Penetration-Testing-Tools/blob/master/phishing/phishing-HTML-linter.py). It does pretty decent job finding _bad smells_ in your HTML that will get your e-mail with increased Spam-score.
|
||||||
|
|
||||||
|
## Web Interface
|
||||||
|
|
||||||
|
The web UI provides an interactive workflow for pasting headers or dropping EML files, configuring checks, running the analysis with live progress, and exporting a report.
|
||||||
|
|
||||||
|
### Local Development
|
||||||
|
|
||||||
|
1. Start the backend API:
|
||||||
|
|
||||||
|
```
|
||||||
|
uvicorn backend.app.main:app --reload --host 0.0.0.0 --port 8000
|
||||||
|
```
|
||||||
|
|
||||||
|
2. Start the frontend:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd frontend
|
||||||
|
npm install
|
||||||
|
npm run dev
|
||||||
|
```
|
||||||
|
|
||||||
|
3. Open `http://localhost:3000` in your browser.
|
||||||
|
|
||||||
|
### Environment Variables
|
||||||
|
|
||||||
|
Backend configuration (defaults shown):
|
||||||
|
|
||||||
|
| Variable | Default | Description |
|
||||||
|
| --- | --- | --- |
|
||||||
|
| `WHA_CORS_ORIGINS` | `http://localhost:3000` | Allowed CORS origins (comma-separated or JSON array). |
|
||||||
|
| `WHA_RATE_LIMIT_REQUESTS` | `60` | Max requests per rate-limit window. |
|
||||||
|
| `WHA_RATE_LIMIT_WINDOW_SECONDS` | `60` | Rate-limit window duration in seconds. |
|
||||||
|
| `WHA_CAPTCHA_SECRET` | random | Secret used to sign CAPTCHA bypass tokens. |
|
||||||
|
| `WHA_CAPTCHA_CHALLENGE_TTL_SECONDS` | `300` | CAPTCHA challenge TTL in seconds. |
|
||||||
|
| `WHA_CAPTCHA_BYPASS_TTL_SECONDS` | `300` | CAPTCHA bypass token TTL in seconds. |
|
||||||
|
| `WHA_ANALYSIS_TIMEOUT_SECONDS` | `30` | Hard timeout for a single analysis in seconds. |
|
||||||
|
| `WHA_DEBUG` | `false` | Enable debug mode. |
|
||||||
|
| `WHA_VERSION` | unset | Overrides the version reported by `/api/health`. |
|
||||||
|
|
||||||
|
Frontend configuration:
|
||||||
|
|
||||||
|
| Variable | Default | Description |
|
||||||
|
| --- | --- | --- |
|
||||||
|
| `NEXT_PUBLIC_API_BASE_URL` | `http://localhost:8000` | Base URL for the backend API. |
|
||||||
|
|
||||||
|
### Tests
|
||||||
|
|
||||||
|
Backend tests:
|
||||||
|
|
||||||
|
```
|
||||||
|
pytest backend/tests/
|
||||||
|
```
|
||||||
|
|
||||||
|
Frontend unit tests and coverage:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd frontend
|
||||||
|
npx vitest run --coverage
|
||||||
|
```
|
||||||
|
|
||||||
|
Frontend E2E tests:
|
||||||
|
|
||||||
|
```
|
||||||
|
cd frontend
|
||||||
|
npx playwright test
|
||||||
|
```
|
||||||
|
|
||||||
|
### Screenshots (Web UI)
|
||||||
|
|
||||||
|
- `TODO: Add header input + controls view`
|
||||||
|
- `TODO: Add analysis progress + report view`
|
||||||
|
|
||||||
|
|
||||||
### Example Screenshots
|
### Example Screenshots
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user