README
¶
Observatory-Scan
The Observatory-Scan performs the scan provided by mozilla (observatory.mozilla.org)
Table Columns
| Column | Description |
|---|---|
| Grade | Grade for the domain |
| Score | Score received for this domain |
| TestsFailed | Number of failed tests |
| TestsPassed | Number of passed tests |
| TestQuantity | Total number of tests |
| CSPPassed | Is true, if CSP has passed the test |
| CSPEval | see below |
| CSPResult | Result of the CSP test |
| CSPDesc | Description of the result |
| CookiesPassed | Is true, if cookies have passed the test |
| CookiesResult | Result of the cookie test |
| CookiesDesc | Description of the result |
| CORSPPassed | Is true, if CORS-Policy has passed the test |
| CORSPResult | Result of the CORS-Policy test |
| CORSPDesc | Description of the result |
| HPKPPassed | Is true, if HPKP has passed the test |
| HPKPResult | Result of the HPKP test |
| HPKPDesc | Description of the result |
| RedirectionPassed | Is true, if the redirection test was passed |
| RedirectionResult | Result of the Redirection test |
| RedirectionDesc | Description of the result |
| HSTSPassed | Is true, if HSTS has passed the test |
| HSTSResult | Result of the HSTS test |
| HSTSDesc | Description of the result |
| SRIPassed | Is true, if SRI test was passed |
| SRIResult | Result of the SRI test |
| SRIDesc | Description of the result |
| XContentTypePassed | Is true, if XContentType test was passed |
| XContentTypeResult | Result of the XContentType test |
| XContentTypeDesc | Description of the result |
| XXSSPassed | Is true, if XXSS test was passed |
| XXSSResult | Result of the XXSS test |
| XXSSDesc | Description of the result |
| XFrameOptionsPassed | Is true, if XFrameOptions test was passed |
| XFrameOptionsResult | Result of the XFrameOptions test |
| XFrameOptionsDesc | Description of the result |
| ScanStatus | Pending: 0, Done: 1, Ignored: 2, Error: 255 |
Details
CSPEval
* 1: No anti-clickjacking
* 2: No default none
* 4: Insecure Base-URI
* 8: Insecure FormAction
* 16: Insecure Scheme: active
* 32: Insecure Scheme: passive
* 64: Strict Dynamic
* 128: Unsafe Eval
* 256: Unsafe Inline
* 512: Unsafe Inline style
* 1024: Unsafe Objects
Configuration
| Field | Possible Values | Description |
|---|---|---|
| Retries | any positive Integer | Numbers of Errors per Domain until the scan of this domain ultimately fails |
| ScanType | 1-5 | Defines for which Protocol the domain is scanned: 1 only HTTPS; 2 only HTTP; 3 Both; 4 Any but HTTPS is preferred; 5 Any but HTTP is preferred |
| ParallelScans | any positive Integer | Number of scans run simultaneous for this API |
| APILocation | URL | Base URL of the API |
| Hidden | boolean | If true, results are not published on the website |
| Rescan | boolean | If true, cached results are not used |
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AnalyzeResult ¶
type AnalyzeResult struct {
EndTime string `json:"end_time"`
Grade string `json:"grade"`
ResponseHeaders struct {
CacheControl string `json:"Cache-Control"`
Connection string `json:"Connection"`
ContentType string `json:"Content-Type"`
Date string `json:"Date"`
Expires string `json:"Expires"`
Server string `json:"Server"`
TransferEncoding string `json:"Transfer-Encoding"`
} `json:"response_headers"`
ScanID int `json:"scan_id"`
Score int `json:"score"`
StartTime string `json:"start_time"`
State string `json:"state"`
TestsFailed int `json:"tests_failed"`
TestsPassed int `json:"tests_passed"`
TestsQuantity int `json:"tests_quantity"`
}
AnalyzeResult is the object to contain the response we get From starting an Observatory-Scan
type Config ¶
type Config struct {
Retries int
ScanType int
ParallelScans int
Hidden bool
Rescan bool
APILocation string
}
CrawlerConfig
type ScanResults ¶
type ScanResults struct {
ContentSecurityPolicy struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data map[string][]string
Http bool
Meta bool
Policy Policy
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"content-security-policy"`
Contribute struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data interface{} `json:"data"`
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"contribute"`
Cookies struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data map[string]Cookie
SameSite *json.RawMessage // can be boolean or string
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"cookies"`
CrossOriginResourceSharing struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data struct {
Acao interface{} `json:"acao"`
Clientaccesspolicy interface{} `json:"clientaccesspolicy"`
Crossdomain interface{} `json:"crossdomain"`
} `json:"data"`
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"cross-origin-resource-sharing"`
PublicKeyPinning struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data interface{} `json:"data"`
IncludeSubDomains bool `json:"includeSubDomains"`
MaxAge interface{} `json:"max-age"`
NumPins interface{} `json:"numPins"`
Preloaded bool `json:"preloaded"`
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"public-key-pinning"`
Redirection struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Destination string `json:"destination"`
Redirects bool `json:"redirects"`
Route []string `json:"route"`
StatusCode int `json:"status_code"`
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"redirection"`
StrictTransportSecurity struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data interface{} `json:"data"`
IncludeSubDomains bool `json:"includeSubDomains"`
MaxAge interface{} `json:"max-age"`
Preload bool `json:"preload"`
Preloaded bool `json:"preloaded"`
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"strict-transport-security"`
SubresourceIntegrity struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data struct {
} `json:"data"`
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"subresource-integrity"`
XContentTypeOptions struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data interface{} `json:"data"`
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"x-content-type-options"`
XFrameOptions struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data interface{} `json:"data"`
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"x-frame-options"`
XXSSProtection struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data interface{} `json:"data"`
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"x-xss-protection"`
//referrer-policy
ReferrerPolicy struct {
Expectation string `json:"expectation"`
Name string `json:"name"`
Output struct {
Data interface{} `json:"data"`
Http bool `json:"http"`
Meta bool `json:"meta"`
} `json:"output"`
Pass bool `json:"pass"`
Result string `json:"result"`
ScoreDescription string `json:"score_description"`
ScoreModifier int `json:"score_modifier"`
} `json:"referrer-policy"`
}
ScanResults are the results we get once we have a finished scan and Query the API for our results
type TableRow ¶
type TableRow struct {
Grade string
Score int
TestsFailed int
TestsPassed int
TestsQuantity int
CSPPassed bool
CSPEval uint16
CSPResult string
CSPDesc string
CookiesPassed bool
CookiesResult string
CookiesDesc string
CORSPassed bool
CORSResult string
CORSDesc string
HPKPPassed bool
HPKPResult string
HPKPDesc string
RedirectionPassed bool
RedirectionResult string
RedirectionDesc string
HSTSPassed bool
HSTSResult string
HSTSDesc string
SRIPassed bool
SRIResult string
SRIDesc string
XContentTypePassed bool
XContentTypeResult string
XContentTypeDesc string
XFrameOptionsPassed bool
XFrameOptionsResult string
XFrameOptionsDesc string
XXSSProtectionPassed bool
XXSSProtectionResult string
XXSSProtectionDesc string
ScanStatus int
//referrer-policy
ReferrerPolicyPassed bool
ReferrerPolicyResult string
ReferrerPolicyDesc string
}
Source Files
Click to show internal directories.
Click to hide internal directories.