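#!/bin/bash
# =====================================================================
# csp-hash-test.sh - Test the CSP hash update process
# =====================================================================
# Checks that the CSP hash update process is working: requests the site
# root and looks for the CSP response header, its directives, integrity
# attributes on script/style tags, a CSP meta tag, and the update script.
#
# Usage: csp-hash-test.sh [BASE_URL]   (default: http://localhost:8080)
# Exit status: 0 when every check passes, 1 when at least one fails.
# =====================================================================

# normalize_base_url URL
# Prints URL with one trailing slash removed, so that the "$BASE_URL/"
# requests made by the checks never turn into "http://host//".
normalize_base_url() {
  printf '%s\n' "${1%/}"
}

# Base URL of the site under test; the first argument overrides the default.
BASE_URL=$(normalize_base_url "${1:-http://localhost:8080}")

echo "=== Testing CSP Hash Update Process ==="
echo "Using base URL: $BASE_URL"

# Counter of failed checks (a plain integer, incremented once per failure)
FAILURES=0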
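# Check if an enforcing CSP response header is present
echo "Checking if CSP headers are present..."

# has_enforcing_csp_header
# Reads raw response headers on stdin and succeeds only when one of them is
# named exactly Content-Security-Policy.
#   - Header names are case-insensitive, and HTTP/2 responses are printed
#     in lowercase, so the match ignores case.
#   - Content-Security-Policy-Report-Only only reports violations and blocks
#     nothing, so it must not satisfy this check.
has_enforcing_csp_header() {
  grep -qiE '^content-security-policy[[:space:]]*:'
}

# --max-time keeps an unresponsive server from hanging the test run.
RESPONSE=$(curl -s -I --max-time 10 "$BASE_URL/")
if [ -z "$RESPONSE" ]; then
  # Distinguish "server unreachable" from "header missing" in the log.
  echo "warning: no response headers received from $BASE_URL/" >&2
fi

if printf '%s\n' "$RESPONSE" | has_enforcing_csp_header; then
  echo "✅ CSP header found in response"
else
  echo "❌ CSP header not found in response"
  FAILURES=$((FAILURES+1))
fi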
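# Check if the CSP header contains the required directives
echo "Checking if CSP header contains required directives..."

# extract_csp_policy
# Reads raw response headers on stdin and prints the value of each enforcing
# Content-Security-Policy header, one per line.
#   - Only the header name and the first colon are stripped; a greedy
#     "everything up to the last ': '" strip would cut the policy at a
#     scheme source such as "data: " and drop the directives before it.
#   - Carriage returns from the HTTP line endings are removed.
#   - The Report-Only variant is skipped because it does not enforce anything.
extract_csp_policy() {
  tr -d '\r' \
    | grep -iE '^content-security-policy[[:space:]]*:' \
    | sed -E 's/^[^:]*:[[:space:]]*//'
}

# csp_has_directive POLICY NAME
# Succeeds when NAME occurs in POLICY as a directive name, i.e. at the start
# of the policy or right after a ';'. A plain substring search would accept
# "script-src-elem" as proof of "script-src". NAME must be a literal
# directive name (it is placed into a regular expression unescaped).
# Only the presence of the directive is checked, not how strict its value is.
csp_has_directive() {
  printf '%s\n' "$1" | grep -qiE "(^|;)[[:space:]]*$2([[:space:]]|;|\$)"
}

CSP_HEADER=$(curl -s -I --max-time 10 "$BASE_URL/" | extract_csp_policy)

for directive in "default-src" "script-src" "style-src" "img-src" "font-src" "connect-src" "object-src" "frame-ancestors" "base-uri" "form-action"; do
  if csp_has_directive "$CSP_HEADER" "$directive"; then
    echo "✅ CSP header contains $directive directive"
  else
    echo "❌ CSP header does not contain $directive directive"
    FAILURES=$((FAILURES+1))
  fi
done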
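# Check if JavaScript files have integrity attributes
echo "Checking if JavaScript files have integrity attributes..."

# tag_has_integrity HTML FILE
# Succeeds when a single tag in HTML both mentions FILE and carries an
# integrity= attribute, in either order.
#   - The match is confined to one tag ([^>]*), so an integrity attribute on
#     a different element of the same line cannot make an unprotected
#     script look protected.
#   - Dots in FILE are escaped so "theme.js" cannot match e.g. "themeXjs".
#   - grep works line by line: a tag split over several lines is not matched.
#   - Only the presence of the attribute is checked; the digest itself is
#     not compared with the file contents.
tag_has_integrity() {
  local name_re
  name_re=${2//./\\.}
  printf '%s\n' "$1" \
    | grep -qE "<[^>]*${name_re}[^>]*[[:space:]]integrity=|<[^>]*[[:space:]]integrity=[^>]*${name_re}"
}

# Fetch the page once; every file is looked up in the same document.
HTML=$(curl -s --max-time 10 "$BASE_URL/")

for js_file in "theme.js" "includes.js"; do
  if tag_has_integrity "$HTML" "$js_file"; then
    echo "✅ $js_file has integrity attribute"
  else
    echo "❌ $js_file does not have integrity attribute"
    FAILURES=$((FAILURES+1))
  fi
done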
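# Check if CSS files have integrity attributes
echo "Checking if CSS files have integrity attributes..."

# styles_css_has_integrity
# Reads HTML on stdin and succeeds when a single tag both references
# styles.css and carries an integrity= attribute, in either order.
#   - The match stays inside one tag ([^>]*), so an integrity attribute on
#     another element of the same line does not count.
#   - The dot is escaped so only the literal name "styles.css" matches.
#   - Only the presence of the attribute is checked, not the digest value.
styles_css_has_integrity() {
  grep -qE '<[^>]*styles\.css[^>]*[[:space:]]integrity=|<[^>]*[[:space:]]integrity=[^>]*styles\.css'
}

# --max-time keeps an unresponsive server from hanging the test run.
HTML=$(curl -s --max-time 10 "$BASE_URL/")

if printf '%s\n' "$HTML" | styles_css_has_integrity; then
  echo "✅ styles.css has integrity attribute"
else
  echo "❌ styles.css does not have integrity attribute"
  FAILURES=$((FAILURES+1))
fi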
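# Check if HTML files have CSP meta tags
echo "Checking if HTML files have CSP meta tags..."

# has_csp_meta_tag
# Reads HTML on stdin and succeeds when it contains a <meta> element whose
# http-equiv attribute is Content-Security-Policy.
#   - Attribute names and the http-equiv keyword are case-insensitive in
#     HTML and the value may be single-quoted, double-quoted or unquoted,
#     so the match accepts all of these rather than one exact spelling.
#   - Other attributes may come before http-equiv inside the same tag.
# Note: a policy delivered through <meta> does not support frame-ancestors,
# report-uri or sandbox, so this tag complements the response header and
# cannot replace it.
has_csp_meta_tag() {
  grep -qiE "<meta[[:space:]][^>]*http-equiv[[:space:]]*=[[:space:]]*[\"']?content-security-policy[\"'[:space:]/>]"
}

# --max-time keeps an unresponsive server from hanging the test run.
HTML=$(curl -s --max-time 10 "$BASE_URL/")

if printf '%s\n' "$HTML" | has_csp_meta_tag; then
  echo "✅ HTML file has CSP meta tag"
else
  echo "❌ HTML file does not have CSP meta tag"
  FAILURES=$((FAILURES+1))
fi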
# Verify that the hash-update script is present.
# The path is built from the current working directory, so the result
# depends on where the test is launched from. Only existence as a regular
# file is tested; contents and permissions are not examined.
echo "Checking if update-csp-hashes.sh script exists..."

script_path="$(pwd)/docker/resume/update-csp-hashes.sh"
if ! [ -f "$script_path" ]; then
  echo "❌ update-csp-hashes.sh script does not exist"
  FAILURES=$((FAILURES+1))
else
  echo "✅ update-csp-hashes.sh script exists"
fi
# Report the overall result and turn it into the exit status:
# any recorded failure ends the script with status 1, otherwise status 0.
if ! [ "$FAILURES" -eq 0 ]; then
  echo "=== CSP Hash Tests Failed: $FAILURES failures ==="
  exit 1
fi

echo "=== All CSP Hash Tests Passed ==="
exit 0