#!/usr/bin/env node
import https from 'https';
import http from 'http';
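// Site whose response headers are inspected. Exactly one GET is issued and
// redirects are not followed, so on a 3xx status the headers reported below
// belong to the redirect response rather than to the final page.
const testUrl = 'https://nzambello.dev';

// Response headers this script reports on. The check is presence-only: a ✅
// says the header was sent, not that its value is a strong policy (a permissive
// content-security-policy or a very short strict-transport-security max-age
// still shows ✅). Review the printed values, not just the marks.
// NOTE(review): x-xss-protection is deprecated and ignored by current browsers;
// a ❌ on that line is not a weakness when a content-security-policy is in place.
const securityHeaders = [
  'content-security-policy',
  'strict-transport-security',
  'x-content-type-options',
  'x-frame-options',
  'referrer-policy',
  'x-xss-protection',
  'permissions-policy',
];

console.log('🔒 Testing Security Headers for', testUrl);
console.log('='.repeat(50));

// Choose the transport from the parsed scheme instead of a string prefix.
const client = new URL(testUrl).protocol === 'https:' ? https : http;

client
  .get(testUrl, (res) => {
    console.log(`Status: ${res.statusCode}`);
    console.log(`Server: ${res.headers.server || 'Not disclosed'}`);

    if (res.statusCode >= 300 && res.statusCode < 400) {
      // Make it obvious that the report does not describe the page itself.
      console.log(
        `⚠️ Redirect to ${res.headers.location || 'unknown location'}: headers below are those of the redirect response`,
      );
    }

    console.log('\n📋 Security Headers:');
    console.log('-'.repeat(30));

    for (const header of securityHeaders) {
      const value = res.headers[header];
      const status = value ? '✅' : '❌';
      console.log(`${status} ${header}: ${value || 'Not set'}`);
    }

    console.log('\n🔍 Additional Headers:');
    console.log('-'.repeat(30));

    // Node exposes header names in lower case; toLowerCase() is kept as a guard.
    for (const header of Object.keys(res.headers)) {
      if (!securityHeaders.includes(header.toLowerCase())) {
        console.log(`ℹ️ ${header}: ${res.headers[header]}`);
      }
    }

    // The body is not needed, but it must be drained so the socket is released
    // and the process can exit promptly.
    res.resume();
  })
  .on('error', (err) => {
    console.error('❌ Error testing headers:', err.message);
    console.log('\n💡 Make sure the site is running and accessible');
    // A check that could not run must not look like a pass to a CI job.
    process.exitCode = 1;
  });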