Documentation
Overview
internal/analysis/passive/headers/analyzer.go
Index
Constants
const MinHstsMaxAge = 15552000
MinHstsMaxAge defines the minimum acceptable HSTS max-age (6 months in seconds).
Variables
This section is empty.
Functions
This section is empty.
Types
type HeadersAnalyzer
type HeadersAnalyzer struct {
	core.BaseAnalyzer
}
HeadersAnalyzer is a passive analysis module that inspects HTTP response headers for security misconfigurations, missing protective headers, and information disclosure. It embeds `core.BaseAnalyzer` to satisfy the standard analyzer interface.
func NewHeadersAnalyzer
func NewHeadersAnalyzer() *HeadersAnalyzer
NewHeadersAnalyzer creates a new instance of the HeadersAnalyzer. It sets up the base analyzer with its name, description, and type.
func (*HeadersAnalyzer) Analyze
func (a *HeadersAnalyzer) Analyze(ctx context.Context, analysisCtx *core.AnalysisContext) error
Analyze is the main entry point for the header analysis. It extracts the HTTP response headers from the HAR artifact in the `AnalysisContext`, and then runs a series of checks for missing headers, weak configurations (like HSTS and CSP), and information disclosure.
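The weak-HSTS check mentioned above can be sketched as follows. This is an added example, not the package's own code: `hstsFinding` and its finding strings are hypothetical, the threshold is copied from the documented `MinHstsMaxAge`, and treating a value equal to the minimum as acceptable is an assumption.

```go
package main

import (
	"fmt"
	"net/http"
	"strconv"
	"strings"
)

// minHstsMaxAge mirrors the documented MinHstsMaxAge constant (6 months in seconds).
const minHstsMaxAge = 15552000

// hstsFinding is a hypothetical helper (not part of the documented package).
// It takes the Strict-Transport-Security header value and returns "" when the
// policy meets the minimum, otherwise a short finding label.
func hstsFinding(value string) string {
	if strings.TrimSpace(value) == "" {
		return "missing"
	}
	for _, directive := range strings.Split(value, ";") {
		name, val, ok := strings.Cut(strings.TrimSpace(directive), "=")
		if !ok || !strings.EqualFold(strings.TrimSpace(name), "max-age") {
			continue // flag directives such as includeSubDomains or preload
		}
		// Directive names are case-insensitive and the value may be quoted.
		n, err := strconv.ParseInt(strings.Trim(strings.TrimSpace(val), `"`), 10, 64)
		if err != nil || n < 0 {
			return "invalid max-age"
		}
		if n < minHstsMaxAge {
			return "weak max-age" // also covers max-age=0, which removes the policy
		}
		return ""
	}
	return "no max-age directive"
}

func main() {
	// Constructed sample response headers, not taken from a real HAR capture.
	resp := http.Header{}
	resp.Set("Strict-Transport-Security", "max-age=300; includeSubDomains")
	fmt.Printf("%q\n", hstsFinding(resp.Get("Strict-Transport-Security")))
}
```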