Fixes in headers

- double word match: Content-Security-Policy matched also X-Content-Security-Policy
- X-UA-Compatible always appeared twice
Dirk 2017-12-01 13:37:23 +01:00
parent a53cb4b971
commit 8ebba5593d


@ -1554,12 +1554,12 @@ detect_header() {
local spaces="$3" local spaces="$3"
local -i nr=0 local -i nr=0
nr=$(grep -Faciw "$key:" $HEADERFILE) nr=$(grep -Eaicw "^ *$key:" $HEADERFILE)
if [[ $nr -eq 0 ]]; then if [[ $nr -eq 0 ]]; then
HEADERVALUE="" HEADERVALUE=""
return 0 return 0
elif [[ $nr -eq 1 ]]; then elif [[ $nr -eq 1 ]]; then
HEADERVALUE=$(grep -Faiw "$key:" $HEADERFILE) HEADERVALUE=$(grep -Eiaw "^ *$key:" $HEADERFILE)
HEADERVALUE=${HEADERVALUE#*:} # remove leading part=key to colon HEADERVALUE=${HEADERVALUE#*:} # remove leading part=key to colon
HEADERVALUE="$(strip_leading_space "$HEADERVALUE")" HEADERVALUE="$(strip_leading_space "$HEADERVALUE")"
return 1 return 1
@ -2150,7 +2150,7 @@ run_cookie_flags() { # ARG1: Path
run_more_flags() { run_more_flags() {
local good_flags2test="X-Frame-Options X-XSS-Protection X-Content-Type-Options Content-Security-Policy X-Content-Security-Policy X-WebKit-CSP Content-Security-Policy-Report-Only" local good_flags2test="X-Frame-Options X-XSS-Protection X-Content-Type-Options Content-Security-Policy X-Content-Security-Policy X-WebKit-CSP Content-Security-Policy-Report-Only"
local other_flags2test="Access-Control-Allow-Origin Upgrade X-Served-By X-UA-Compatible Referrer-Policy X-UA-Compatible" local other_flags2test="Access-Control-Allow-Origin Upgrade X-Served-By Referrer-Policy X-UA-Compatible"
local f2t line local f2t line
local first=true local first=true
local spaces=" " local spaces=" "
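Review bot: Both grep calls in detect_header still pass `-w`, which the new `^ *$key:` anchor makes redundant and which can hide a header that is actually present. With `-w` the match must be followed by a non-word character, so a line such as `X-Frame-Options:DENY` (constructed example, no space after the colon) would count as zero and the header would be reported as missing. Consider `nr=$(grep -Eaic "^ *$key:" "$HEADERFILE")` and the same change on the HEADERVALUE line; this also quotes the file name. Since the pattern is now a regular expression rather than a fixed string, `$key` needs to stay limited to names without regex metacharacters, as in the lists visible in run_more_flags. detect_header begins before this hunk and continues after it, so the branch for more than one match is not visible here.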