Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fixes in headers

Browse Source 
- double word match: Content-Security-Policy matched also X-Content-Security-Policy
- X-UA-Compatible always appeared twice
This commit is contained in:
Dirk 2017-12-01 13:31:43 +01:00
parent 1b7e6630d7
commit 851030ea8f
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
testssl.sh
View File

@ -1668,12 +1668,12 @@ detect_header() {
local spaces="$3"
local -i nr=0
nr=$(grep -Faciw "$key:" $HEADERFILE)
nr=$(grep -Eaicw "^ *$key:" $HEADERFILE)
if [[ $nr -eq 0 ]]; then
HEADERVALUE=""
return 0
elif [[ $nr -eq 1 ]]; then
HEADERVALUE=$(grep -Faiw "$key:" $HEADERFILE)
HEADERVALUE=$(grep -Eiaw "^ *$key:" $HEADERFILE)
HEADERVALUE=${HEADERVALUE#*:} # remove leading part=key to colon
HEADERVALUE="$(strip_leading_space "$HEADERVALUE")"
return 1
@ -2319,7 +2319,7 @@ run_cookie_flags() { # ARG1: Path
run_more_flags() {
local good_flags2test="X-Frame-Options X-XSS-Protection X-Content-Type-Options Content-Security-Policy X-Content-Security-Policy X-WebKit-CSP Content-Security-Policy-Report-Only Expect-CT"
local other_flags2test="Access-Control-Allow-Origin Upgrade X-Served-By X-UA-Compatible Referrer-Policy X-UA-Compatible"
local other_flags2test="Access-Control-Allow-Origin Upgrade X-Served-By Referrer-Policy X-UA-Compatible"
local f2t line
local first=true
local spaces=" "