securitytxt

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 31, 2020 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const SECURITYTXTSPEC = "draft-foudil-securitytxt-09"

Variables

View Source 
var (
	AcknowledgmentsError = errors.New("invalid field name 'acknowledgements', should be 'acknowledgments' as per section 3.5.1 of " + SECURITYTXTSPEC)
	EmptyValueError      = errors.New("value cannot be empty")
	FieldNameError       = errors.New("field-name should be printable US-ASCII except space and :, as per section 3.6.8 of RFC5322")
	SeparatorError       = errors.New("no ':' found to separate field-name and value, as per section 3.6.8 of RFC5322")
	ValueError           = errors.New("value should be printable US-ASCII except space, as per 'unstructured' syntax in section 3.2.5 of RFC5322")
)

Errors during parsing - basic structure of security.txt is incorrect

View Source 
var DefaultConfig = Config{
	DialTimeout:         20 * time.Second,
	RequestTimeout:      10 * time.Second,
	TLSHandshakeTimeout: 5 * time.Second,
	Insecure:            false,
	StrictRedirect:      false,
}
View Source 
var (
	MissingContactError = errors.New("Mandatory field 'Contact' not present as per section 3.5.3 of " + SECURITYTXTSPEC)
)

Validation errors

View Source 
var Validators = map[string]ValidateFunc{
	"secure-url":  ValidateSecureURL,
	"contact-uri": ValidateContactURI,
	"key-uri":     ValidateKeyURI,
	"rfc5646":     ValidateRFC5646,
}

Functions

func Parse 

func Parse(in []byte, txt *SecurityTxt) error

Parse errors are collected in human-readable form in errors[] such that we have a full report on what's wrong with security.txt

func ValidateContactURI 

func ValidateContactURI(in string) error

func ValidateKeyURI 

func ValidateKeyURI(in string) error

func ValidateRFC5646 

func ValidateRFC5646(in string) error

func ValidateSecureURL 

func ValidateSecureURL(in string) error

Types

type Config 

type Config struct {
	DialTimeout         time.Duration
	RequestTimeout      time.Duration
	TLSHandshakeTimeout time.Duration
	Insecure            bool
	StrictRedirect      bool
}

func NewConfig 

func NewConfig() *Config

type ContentTypeError 

type ContentTypeError struct {
	// contains filtered or unexported fields
}

func (ContentTypeError) Error 

func (e ContentTypeError) Error() string

type DomainBody 

type DomainBody struct {
	// contains filtered or unexported fields
}

type DomainClient 

type DomainClient struct {
	*Config
	// contains filtered or unexported fields
}

func NewDomainClient 

func NewDomainClient(config *Config) (*DomainClient, error)

func (*DomainClient) GetBody 

func (c *DomainClient) GetBody(url string) ([]byte, error)

Returning an error doesn't mean we don't have a body. If we can, we'll always read and return a body

func (*DomainClient) GetDomainBody 

func (c *DomainClient) GetDomainBody(domain string) *DomainBody

Iterate over valid endpoints and retrieve body

func (*DomainClient) GetSecurityTxt 

func (c *DomainClient) GetSecurityTxt(domain string) (*SecurityTxt, error)

type ErrorWrapper 

type ErrorWrapper struct {
	// contains filtered or unexported fields
}

Generic error wrapper to make other error types with

func (ErrorWrapper) Error 

func (e ErrorWrapper) Error() string

func (ErrorWrapper) Unwrap 

func (e ErrorWrapper) Unwrap() error

type Field 

type Field struct {
	Key   string
	Value string
}

type FieldError 

type FieldError struct {
	// contains filtered or unexported fields
}

func NewInvalidTimeError 

func NewInvalidTimeError(f *Field, err error) FieldError

func NewMultipleValueError 

func NewMultipleValueError(f *Field) FieldError

func NewUnknownFieldError 

func NewUnknownFieldError(f *Field) FieldError

func (FieldError) Error 

func (e FieldError) Error() string

type HTTPError 

type HTTPError struct {
	ErrorWrapper
}

func NewContentTypeError 

func NewContentTypeError(contentType string) HTTPError

func NewHTTPError 

func NewHTTPError(err error) HTTPError

func NewRedirectError 

func NewRedirectError(from, to string) HTTPError

type ParseError 

type ParseError struct {
	ErrorWrapper
}

func NewAcknowledgmentsError 

func NewAcknowledgmentsError() ParseError

func NewEmptyValueError 

func NewEmptyValueError() ParseError

func NewFieldNameError 

func NewFieldNameError() ParseError

func NewParseError 

func NewParseError(err error) ParseError

func NewSeparatorError 

func NewSeparatorError() ParseError

func NewValueError 

func NewValueError() ParseError

type RedirectError 

type RedirectError struct {
	// contains filtered or unexported fields
}

func (RedirectError) Error 

func (e RedirectError) Error() string

type SecurityTxt 

type SecurityTxt struct {
	// Official fields
	Acknowledgments    []string `format:"secure-url"`
	Canonical          []string `format:"secure-url"`
	Contact            []string `format:"contact-uri"`
	Encryption         []string `format:"key-uri"`
	Expires            time.Time
	Hiring             []string `format:"secure-url"`
	Policy             []string `format:"secure-url"`
	PreferredLanguages string   `format:"rfc5646"`

	// Other useful fields
	Domain        string
	RetrievedFrom string
	// contains filtered or unexported fields
}

https://tools.ietf.org/html/draft-foudil-securitytxt-09#section-3.5 Note: we don't use the format tag yet.

func New 

func New(in []byte) (*SecurityTxt, error)

New extracts as many fields as possible and returns an error if there is a syntactical error, if the input is signed but the signature is incorrect or if the multiplicity of a field is not according to spec.

func (*SecurityTxt) AssignField 

func (t *SecurityTxt) AssignField(field *Field) error

func (*SecurityTxt) ParseErrors 

func (t *SecurityTxt) ParseErrors() []error

func (*SecurityTxt) Validate 

func (t *SecurityTxt) Validate() error

TODO: Deeper verification to check if everything is exactly to spec

type SignedMessage 

type SignedMessage struct {
	// contains filtered or unexported fields
}

func NewSignedMessage 

func NewSignedMessage(in []byte) (*SignedMessage, error)

func (*SignedMessage) Message 

func (m *SignedMessage) Message() []byte

func (*SignedMessage) Signed 

func (m *SignedMessage) Signed() bool

type SyntaxError 

type SyntaxError struct {
	// contains filtered or unexported fields
}

Wrap error with some context

func (SyntaxError) Error 

func (e SyntaxError) Error() string

func (SyntaxError) Unwrap 

func (e SyntaxError) Unwrap() error

type ValidateFunc 

type ValidateFunc func(string) error

type ValidationError 

type ValidationError struct {
	ErrorWrapper
}

func NewMissingContactError 

func NewMissingContactError() ValidationError

func NewValidationError 

func NewValidationError(err error) ValidationError

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.