class SiteInspector::Endpoint::Hsts

Utility parser for HSTS headers. RFC: tools.ietf.org/html/rfc6797

Public Instance Methods

enabled?() click to toggle source
# File lib/site-inspector/checks/hsts.rb, line 26
# True when the parsed max-age is a positive number of seconds.
# A max-age of zero (or a missing one) means the policy is not in force.
def enabled?
  max_age ? max_age.positive? : false
end
include_subdomains?() click to toggle source
# File lib/site-inspector/checks/hsts.rb, line 18
# True when the header carries the includeSubDomains directive.
# The lookup key is lower-case because `pairs` downcases every directive.
def include_subdomains?
  pairs.include?(:includesubdomains)
end
max_age() click to toggle source
# File lib/site-inspector/checks/hsts.rb, line 14
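# Returns the max-age directive as an Integer number of seconds, or 0 when
# the directive is missing or is not a plain run of decimal digits.
#
# String#to_i is lenient: "31536000abc".to_i is 31536000 and "abc".to_i is 0.
# Using it directly would let a malformed max-age be reported as a working
# policy, so the value is only converted when it is digits from start to end.
def max_age
  raw = pairs[:"max-age"].to_s
  raw.match?(/\A\d+\z/) ? raw.to_i : 0
end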
preload?() click to toggle source
# File lib/site-inspector/checks/hsts.rb, line 22
# True when the header carries the preload directive.
def preload?
  pairs.include?(:preload)
end
preload_ready?() click to toggle source

Google's minimum max-age for automatic preloading

# File lib/site-inspector/checks/hsts.rb, line 33
# True when the header has includeSubDomains, preload, and a max-age of at
# least 10_886_400 seconds (126 days).
# NOTE(review): preload-list submission requirements have changed over time;
# confirm this threshold against the current published criteria.
def preload_ready?
  minimum_max_age = 10_886_400
  has_flags = include_subdomains? && preload?
  has_flags && max_age >= minimum_max_age
end
to_h() click to toggle source
# File lib/site-inspector/checks/hsts.rb, line 37
# Summarises the parsed header as a Hash, one key per public predicate
# plus the numeric max_age.
def to_h
  summary = {}
  summary[:valid] = valid?
  summary[:max_age] = max_age
  summary[:include_subdomains] = include_subdomains?
  summary[:preload] = preload?
  summary[:enabled] = enabled?
  summary[:preload_ready] = preload_ready?
  summary
end
valid?() click to toggle source
# File lib/site-inspector/checks/hsts.rb, line 8
# False when there is no HSTS header at all. Otherwise true only if no
# directive name or value contains whitespace, a single quote or a double
# quote after parsing.
# NOTE(review): this is a syntax sanity check only; it does not confirm that
# a max-age directive is present or numeric.
def valid?
  return false unless header

  pairs.none? { |name, setting| "#{name}#{setting}".match?(/[\s'"]/) }
end

Private Instance Methods

directives() click to toggle source
# File lib/site-inspector/checks/hsts.rb, line 58
# Splits the raw header on semicolons (dropping whitespace around each
# separator) and memoizes the list; an absent header yields an empty Array.
def directives
  return @directives if @directives

  raw = header
  @directives = raw ? raw.split(/\s*;\s*/) : []
end
header() click to toggle source
# File lib/site-inspector/checks/hsts.rb, line 54
# Raw Strict-Transport-Security header value, looked up once and cached.
# A missing header is not cached, so the lookup repeats while it is nil.
def header
  return @header if @header

  @header = headers['strict-transport-security']
end
headers() click to toggle source
# File lib/site-inspector/checks/hsts.rb, line 50
# Response headers of the endpoint under inspection.
def headers
  source = endpoint
  source.headers
end
pairs() click to toggle source
# File lib/site-inspector/checks/hsts.rb, line 62
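# Parses the directive list into a Hash of lower-cased Symbol names to
# String values (nil for valueless directives such as preload), memoized.
#
# The header comes from the remote server, so it has to tolerate odd input:
# an empty directive ("max-age=1;;preload", a leading ";") or a bare "="
# splits to an empty Array, which previously reached nil.to_sym and raised
# NoMethodError. Such directives are now skipped.
def pairs
  @pairs ||= directives.each_with_object({}) do |directive, parsed|
    key, value = directive.downcase.split('=')
    next unless key # empty directive or bare "=": nothing to record

    # Strip one pair of surrounding double quotes from a quoted value.
    # \A and \z anchor to the whole string rather than to a line.
    value = value.sub(/\A"/, '').sub(/"\z/, '') if /".*"/.match?(value)

    parsed[key.to_sym] = value
  end
end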