klz-cables.com/scripts/check-security.ts
Marc Mintel b29e08e954
feat(ci): add deep quality assertions (html, security, links, spelling)
2026-02-22 00:29:49 +01:00

55 lines
1.6 KiB
TypeScript

import axios from 'axios';
const [, , cliTarget] = process.argv;
const { NEXT_PUBLIC_BASE_URL, GATEKEEPER_PASSWORD } = process.env;

// Scan target, in order of precedence: first CLI argument, NEXT_PUBLIC_BASE_URL,
// then the local dev server.
// NOTE(review): the gatekeeper cookie built from the value below is sent to
// whichever URL wins here. Over a plain http:// target that is not localhost
// the credential travels in cleartext, so prefer https:// for remote targets.
const targetUrl = cliTarget || NEXT_PUBLIC_BASE_URL || 'http://localhost:3000';

// Credential used to get past the gatekeeper in front of the site.
// NOTE(review): the fallback is a password literal committed to the repository.
// If it matches a real environment's gatekeeper password, anyone with read
// access to the repo or its CI logs has it. Consider supplying it only through
// GATEKEEPER_PASSWORD (a CI secret) and rotating the value if it was ever live.
const gatekeeperPassword = GATEKEEPER_PASSWORD || 'klz2026';

// Response headers that must be present (lower-case, as Node exposes them).
// The scan only checks presence, not the quality of each header's value.
const requiredHeaders = [
  'strict-transport-security',
  'x-frame-options',
  'x-content-type-options',
  'referrer-policy',
  'content-security-policy',
];
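/**
 * Sends one HEAD request to `targetUrl` and reports which of the
 * `requiredHeaders` are present on the response.
 *
 * Exit codes: 0 when every required header is present; when at least one is
 * missing, 1 if the `CI` environment variable is set and 0 otherwise; 1 when
 * the request itself fails.
 *
 * Limits of this check, so a green run is not over-read:
 * - It tests presence only. A weak value (for example a permissive
 *   Content-Security-Policy or a very short HSTS max-age) still passes.
 * - Only the single URL is probed, so routes with their own header
 *   configuration are not covered.
 * - Every HTTP status is accepted, so the headers may belong to an error or
 *   login page rather than the application; the status is reported below.
 */
async function main(): Promise<void> {
  console.log(`\n🛡 Starting Security Headers Scan for: ${targetUrl}\n`);

  try {
    const response = await axios.head(targetUrl, {
      // The cookie value is the gatekeeper password itself, so it should be
      // treated as a secret wherever this request can be logged or proxied.
      headers: { Cookie: `klz_gatekeeper_session=${gatekeeperPassword}` },
      // Never throw on status: headers are inspected even on 4xx/5xx answers.
      validateStatus: () => true,
    });

    // Because all statuses are accepted, make it visible when the headers were
    // read from something other than a successful response.
    if (response.status < 200 || response.status >= 300) {
      console.warn(
        `Warning: ${targetUrl} answered with HTTP ${response.status}; ` +
          `the headers below may come from an error or login page, not the application.`,
      );
    }

    const headers = response.headers;

    const results = requiredHeaders.map((header) => {
      const raw = headers[header];
      const present = !!raw;
      // Header values are not guaranteed to be plain strings (repeated headers
      // can arrive as arrays), so normalise before measuring and truncating.
      const text = Array.isArray(raw) ? raw.join(', ') : String(raw);
      const shown = text.length > 50 ? text.substring(0, 47) + '...' : text;

      return {
        Header: header,
        Status: present ? '✅ Present' : '❌ Missing',
        Value: present ? shown : 'N/A',
      };
    });

    console.table(results);

    const allPassed = requiredHeaders.every((header) => !!headers[header]);

    if (allPassed) {
      console.log(`\n✅ All required security headers are correctly configured!\n`);
      process.exit(0);
    } else {
      console.log(`\n❌ Missing critical security headers. Please update next.config.mjs!\n`);
      // Local runs stay green (e.g. no HSTS on a dev server); CI fails the job.
      process.exit(process.env.CI ? 1 : 0);
    }
  } catch (error: unknown) {
    // Anything can be thrown; only Error instances are known to carry a message.
    const reason = error instanceof Error ? error.message : String(error);
    console.error(`❌ Failed to scan headers: ${reason}`);
    process.exit(1);
  }
}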
// Script entry point. The promise is deliberately not awaited: main() handles
// its own failures and ends the process with an explicit exit code.
void main();