Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-09-17 09:22:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(rating): HSTS not offered does not give a warning

Browse Source
This commit is contained in:
Magnus Larsen
2025-07-09 09:41:11 +02:00
parent 3e465bafe2
commit 198a5f0c30
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
testssl.sh
View File

@ -2820,6 +2820,7 @@ run_hsts() {
if ! is_number "$hsts_age_sec"; then if ! is_number "$hsts_age_sec"; then
pr_svrty_medium "misconfiguration: \'"$hsts_age_sec"\' is not a valid max-age specification" pr_svrty_medium "misconfiguration: \'"$hsts_age_sec"\' is not a valid max-age specification"
fileout "${jsonID}_time" "MEDIUM" "misconfiguration, specified not a number for max-age" fileout "${jsonID}_time" "MEDIUM" "misconfiguration, specified not a number for max-age"
set_grade_warning "HSTS max-age is misconfigured"
else else
if [[ -n $hsts_age_sec ]]; then if [[ -n $hsts_age_sec ]]; then
hsts_age_days=$(( hsts_age_sec / 86400)) hsts_age_days=$(( hsts_age_sec / 86400))
@ -2859,7 +2860,6 @@ run_hsts() {
else else
pr_svrty_low "not offered" pr_svrty_low "not offered"
fileout "$jsonID" "LOW" "not offered" fileout "$jsonID" "LOW" "not offered"
set_grade_warning "HSTS is disabled"
fi fi
outln outln