richardjkendall · January 20, 2020 07:24
diff --git a/index.js b/index.js
 const axios = require('axios');
 const process = require('process');

 const expectedHeaders = [
  {
    name: "Strict-Transport-Security",
    value: "max-age=63072000"
  },
  {
    name: "X-Frame-Options",
    value: "DENY"
  },
  {
    name: "X-Content-Type-Options",
    value: "nosniff"
  }, 
  {
    name: "X-XSS-Protection",
    value: "1; mode=block"
  },
  {
    name: "Referrer-Policy",
    value: "strict-origin-when-cross-origin"
  }
 ]

 let missingHeaders = [];
 let incorrectHeaders = [];

 axios.get("TEST URL")
 .then(function(response) {
  // we won't get a 'then' because Clouflare will return a 5xx error
 })
 .catch(function(error) {
  // but that's okay because we can still check if the headers are present
  // get response headers
  let headers = error.response.headers;
  // get list of header names in upper case from response
  let headerKeys = Object.keys(headers).map(element => {return element.toUpperCase()});
  // build an associatve array of headers with keys in upper case
  headers = Object.keys(headers).reduce((acc, element) => {
    acc[element.toUpperCase()] = headers[element];
    return acc;
  }, []);
  // check all headers are present
  expectedHeaders.forEach(element => {
    console.log("Checking for header", element.name, "with value:", element.value);
    if(headerKeys.includes(element.name.toUpperCase())) {
      console.log("  -> header is present");
      // check value of header is correct
      if(headers[element.name.toUpperCase()] === element.value) {
        console.log("  -> value is correct");
      } else {
        console.log("  -> value is not correct, expected", element.value, "found", headers[element.name.toUpperCase()]);
        incorrectHeaders.push(element.name);
      }
    } else {
      console.log("  -> header is missing");
      missingHeaders.push(element.name);
    }
  });
  // check final results
  console.log(" ");
  if(missingHeaders.length === 0 && incorrectHeaders == 0) {
    console.log(" *** No issues found ***");
  } else {
    console.log(" *** Issues found ***");
    console.log("  -> missing headers", missingHeaders);
    console.log("  -> incorrect headers", incorrectHeaders);
    process.exit(1);
  }
 });
	const axios = require('axios');
	const process = require('process');

	const expectedHeaders = [
	{
	name: "Strict-Transport-Security",
	value: "max-age=63072000"
	},
	{
	name: "X-Frame-Options",
	value: "DENY"
	},
	{
	name: "X-Content-Type-Options",
	value: "nosniff"
	},
	{
	name: "X-XSS-Protection",
	value: "1; mode=block"
	},
	{
	name: "Referrer-Policy",
	value: "strict-origin-when-cross-origin"
	}
	]

	let missingHeaders = [];
	let incorrectHeaders = [];

	axios.get("TEST URL")
	.then(function(response) {
	// we won't get a 'then' because Clouflare will return a 5xx error
	})
	.catch(function(error) {
	// but that's okay because we can still check if the headers are present
	// get response headers
	let headers = error.response.headers;
	// get list of header names in upper case from response
	let headerKeys = Object.keys(headers).map(element => {return element.toUpperCase()});
	// build an associatve array of headers with keys in upper case
	headers = Object.keys(headers).reduce((acc, element) => {
	acc[element.toUpperCase()] = headers[element];
	return acc;
	}, []);
	// check all headers are present
	expectedHeaders.forEach(element => {
	console.log("Checking for header", element.name, "with value:", element.value);
	if(headerKeys.includes(element.name.toUpperCase())) {
	console.log(" -> header is present");
	// check value of header is correct
	if(headers[element.name.toUpperCase()] === element.value) {
	console.log(" -> value is correct");
	} else {
	console.log(" -> value is not correct, expected", element.value, "found", headers[element.name.toUpperCase()]);
	incorrectHeaders.push(element.name);
	}
	} else {
	console.log(" -> header is missing");
	missingHeaders.push(element.name);
	}
	});
	// check final results
	console.log(" ");
	if(missingHeaders.length === 0 && incorrectHeaders == 0) {
	console.log(" * No issues found *");
	} else {
	console.log(" * Issues found *");
	console.log(" -> missing headers", missingHeaders);
	console.log(" -> incorrect headers", incorrectHeaders);
	process.exit(1);
	}
	});