nzambello/nzambello.dev
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
nzambello.dev/test-security.js

47 lines
1.3 KiB
JavaScript
Raw Normal View History

fix: security headers
2025-08-12 14:35:55 +02:00
#!/usr/bin/env node
import https from 'https';
import http from 'http';
const testUrl = 'https://nzambello.dev';
console.log('🔒 Testing Security Headers for', testUrl);
console.log('=' .repeat(50));
const client = testUrl.startsWith('https') ? https : http;
client.get(testUrl, (res) => {
console.log(`Status: ${res.statusCode}`);
console.log(`Server: ${res.headers.server || 'Not disclosed'}`);
console.log('\n📋 Security Headers:');
console.log('-'.repeat(30));
const securityHeaders = [
'content-security-policy',
'strict-transport-security',
'x-content-type-options',
'x-frame-options',
'referrer-policy',
'x-xss-protection',
'permissions-policy'
];
securityHeaders.forEach(header => {
const value = res.headers[header];
const status = value ? '✅' : '❌';
console.log(`${status} ${header}: ${value || 'Not set'}`);
});
console.log('\n🔍 Additional Headers:');
console.log('-'.repeat(30));
Object.keys(res.headers).forEach(header => {
if (!securityHeaders.includes(header.toLowerCase())) {
console.log(` ${header}: ${res.headers[header]}`);
}
});
}).on('error', (err) => {
console.error('❌ Error testing headers:', err.message);
console.log('\n💡 Make sure the site is running and accessible');
});
Reference in a new issue Copy permalink