happyDomain/checker-http
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
checker-http/checker
History
Pierre-Olivier Mercier a652692ba4 checker: align X-XSS-Protection severities with OWASP 
Absent is now OK (OWASP recommends leaving it unset or set to 0),
and filtering mode (bare 1 or 1; report=...) is Warn since selective
script rewriting can itself introduce XSS. 1; mode=block stays Info.
2026-06-18 10:52:31 +09:00
..
collect.go checker: build host FQDN from subdomain + apex at service scope 2026-04-30 08:57:31 +07:00
collect_test.go Initial commit 2026-04-28 18:42:11 +07:00
collector.go checker: validate security.txt is a real RFC 9116 file 2026-06-14 18:14:00 +09:00
collector_honeypot.go checker: add honeypot-path collector and rules 2026-06-13 16:25:21 +09:00
collector_root.go Initial commit 2026-04-28 18:42:11 +07:00
collector_wellknown.go checker: probe well-known URIs concurrently 2026-06-14 18:14:00 +09:00
definition.go checker: build host FQDN from subdomain + apex at service scope 2026-04-30 08:57:31 +07:00
header_rule.go Deepen CSP, Permissions-Policy and cookie audits 2026-04-28 18:43:07 +07:00
headers.go Deepen CSP, Permissions-Policy and cookie audits 2026-04-28 18:43:07 +07:00
interactive.go Initial commit 2026-04-28 18:42:11 +07:00
iter.go Initial commit 2026-04-28 18:42:11 +07:00
provider.go Initial commit 2026-04-28 18:42:11 +07:00
provider_test.go checker: build host FQDN from subdomain + apex at service scope 2026-04-30 08:57:31 +07:00
registry.go Initial commit 2026-04-28 18:42:11 +07:00
rules.go Initial commit 2026-04-28 18:42:11 +07:00
rules_cookies.go Deepen CSP, Permissions-Policy and cookie audits 2026-04-28 18:43:07 +07:00
rules_cookies_rfc6265bis.go Add RFC 6265bis cookie checks: name prefixes and per-cookie size 2026-04-28 18:42:45 +07:00
rules_cookies_rfc6265bis_test.go Add RFC 6265bis cookie checks: name prefixes and per-cookie size 2026-04-28 18:42:45 +07:00
rules_cookies_test.go Deepen CSP, Permissions-Policy and cookie audits 2026-04-28 18:43:07 +07:00
rules_honeypot.go checker: add honeypot-path collector and rules 2026-06-13 16:25:21 +09:00
rules_honeypot_test.go checker: add honeypot-path collector and rules 2026-06-13 16:25:21 +09:00
rules_modern_headers.go Deepen CSP, Permissions-Policy and cookie audits 2026-04-28 18:43:07 +07:00
rules_modern_headers_test.go Deepen CSP, Permissions-Policy and cookie audits 2026-04-28 18:43:07 +07:00
rules_reachability.go Initial commit 2026-04-28 18:42:11 +07:00
rules_reachability_test.go Initial commit 2026-04-28 18:42:11 +07:00
rules_redirect.go checker: judge HTTPS redirect by chain, not FinalURL 2026-06-18 10:35:28 +09:00
rules_redirect_chain.go Add redirect-chain rules per RFC 9110 §15.4 2026-04-28 18:42:54 +07:00
rules_redirect_chain_test.go Add redirect-chain rules per RFC 9110 §15.4 2026-04-28 18:42:54 +07:00
rules_redirect_test.go checker: judge HTTPS redirect by chain, not FinalURL 2026-06-18 10:35:28 +09:00
rules_security_headers.go checker: align X-XSS-Protection severities with OWASP 2026-06-18 10:52:31 +09:00
rules_security_headers_test.go checker: align X-XSS-Protection severities with OWASP 2026-06-18 10:52:31 +09:00
rules_sri.go Initial commit 2026-04-28 18:42:11 +07:00
rules_sri_test.go Initial commit 2026-04-28 18:42:11 +07:00
rules_test.go Initial commit 2026-04-28 18:42:11 +07:00
rules_wellknown.go checker: validate security.txt is a real RFC 9116 file 2026-06-14 18:14:00 +09:00
rules_wellknown_test.go checker: validate security.txt is a real RFC 9116 file 2026-06-14 18:14:00 +09:00
service.go checker: build host FQDN from subdomain + apex at service scope 2026-04-30 08:57:31 +07:00
testhelpers_test.go Initial commit 2026-04-28 18:42:11 +07:00
types.go checker: build host FQDN from subdomain + apex at service scope 2026-04-30 08:57:31 +07:00