klz-cables.com/scripts/check-security.ts
Marc Mintel b29e08e954
feat(ci): add deep quality assertions (html, security, links, spelling)
2026-02-22 00:29:49 +01:00

import axios from 'axios';
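// URL to scan: first CLI argument, then NEXT_PUBLIC_BASE_URL, then the local dev server.
const targetUrl = process.argv[2] || process.env.NEXT_PUBLIC_BASE_URL || 'http://localhost:3000';

// Gatekeeper secret, read from the environment only. A literal fallback in source
// control hands the secret to everyone who can read the repository or its history,
// so none is provided: when GATEKEEPER_PASSWORD is unset this is the empty string.
// A value that was committed earlier should be treated as exposed and rotated.
const gatekeeperPassword = process.env.GATEKEEPER_PASSWORD || '';

// Response headers the scan requires. Names are lower-case because they are used
// as lookup keys on the response's header object.
const requiredHeaders = [
  'strict-transport-security',
  'x-frame-options',
  'x-content-type-options',
  'referrer-policy',
  'content-security-policy',
];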
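/**
 * Sends one HEAD request to `targetUrl`, prints a table showing which of
 * `requiredHeaders` the response carries, and exits the process.
 *
 * Exit codes: 0 when every header is present; when some are missing, 1 if the
 * `CI` environment variable is set and 0 otherwise; 1 when the request throws.
 *
 * Scope: this is a presence check only. A header with a weak value (for
 * example a permissive Content-Security-Policy) still counts as passing, so a
 * green result does not show that the policy itself is sound.
 */
async function main(): Promise<void> {
  console.log(`\n🛡 Starting Security Headers Scan for: ${targetUrl}\n`);

  try {
    // Attach the gatekeeper cookie only when a secret is configured. The cookie
    // is sent to whatever host `targetUrl` names, including plain-http targets,
    // so the URL passed on the command line should be one that is trusted.
    const requestHeaders: Record<string, string> = {};
    if (gatekeeperPassword) {
      requestHeaders.Cookie = `klz_gatekeeper_session=${gatekeeperPassword}`;
    }

    const response = await axios.head(targetUrl, {
      headers: requestHeaders,
      // Every status is accepted so that headers can be inspected even on
      // non-2xx answers; the warning below makes that case visible.
      validateStatus: () => true,
    });

    if (response.status >= 400) {
      console.warn(
        `Warning: received HTTP ${response.status}; the headers below belong to an error response.`,
      );
    }

    const headers = response.headers;
    const isPresent = (name: string): boolean => !!headers[name];

    const results = requiredHeaders.map((header) => {
      if (!isPresent(header)) {
        return { Header: header, Status: '❌ Missing', Value: 'N/A' };
      }
      // Header values are not guaranteed to be plain strings, so coerce before
      // measuring and truncating for display.
      const text = String(headers[header]);
      return {
        Header: header,
        Status: '✅ Present',
        Value: text.length > 50 ? text.substring(0, 47) + '...' : text,
      };
    });

    console.table(results);

    if (requiredHeaders.every(isPresent)) {
      console.log(`\n✅ All required security headers are correctly configured!\n`);
      process.exit(0);
    } else {
      console.log(`\n❌ Missing critical security headers. Please update next.config.mjs!\n`);
      process.exit(process.env.CI ? 1 : 0); // Don't crash local dev hard if missing, but crash CI
    }
  } catch (error: unknown) {
    // Anything can be thrown; only Error instances are known to carry `.message`.
    const message = error instanceof Error ? error.message : String(error);
    console.error(`❌ Failed to scan headers: ${message}`);
    process.exit(1);
  }
}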
// Script entry point. The returned promise is deliberately not awaited.
void main();