Browse Source

Don’t fail all check if HSTS fail

master
Aeris 4 years ago
parent
commit
4b680c6eec
1 changed files with 8 additions and 2 deletions
  1. 8
    2
      lib/cryptcheck/tls/https/server.rb

+ 8
- 2
lib/cryptcheck/tls/https/server.rb View File

@@ -15,7 +15,13 @@ module CryptCheck
port = @port == 443 ? '' : ":#{@port}"

begin
response = ::HTTParty.head "https://#{@hostname}#{port}/", { follow_redirects: false, verify: false, timeout: SSL_TIMEOUT }
response = ::HTTParty.head "https://#{@hostname}#{port}/",
{
follow_redirects: false,
verify: false,
timeout: SSL_TIMEOUT,
ssl_version: self.supported_protocols.first
}
if header = response.headers['strict-transport-security']
name, value = header.split '='
if name == 'max-age'
@@ -24,7 +30,7 @@ module CryptCheck
return
end
end
rescue ::Net::OpenTimeout
rescue
end

Logger.info { 'No HSTS'.colorize :yellow }

Loading…
Cancel
Save