Skip to content

Commit

Permalink
Merge pull request #4 from LeviPesin/patch-3
Browse files Browse the repository at this point in the history 
add_header_redefinition: Report issues with all headers by default
  • Loading branch information
@dvershinin
dvershinin authored Jan 7, 2024
2 parents 9e6bcc9 + 6061b58 commit 65e612a
Showing 1 changed file with 5 additions and 7 deletions.
12 changes: 5 additions & 7 deletions gixy/plugins/add_header_redefinition.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,12 +18,7 @@ class add_header_redefinition(Plugin):
'See documentation: http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header')
help_url = 'https://github.com/dvershinin/gixy/blob/master/docs/en/plugins/addheaderredefinition.md'
directives = ['server', 'location', 'if']
options = {'headers': set(['x-frame-options',
'x-content-type-options',
'x-xss-protection',
'content-security-policy',
'cache-control'])
}
options = {'headers': set()}

def __init__(self, config):
super(add_header_redefinition, self).__init__(config)
Expand All @@ -42,8 +37,11 @@ def audit(self, directive):
parent_headers = get_headers(parent)
if not parent_headers:
continue

diff = parent_headers - actual_headers

diff = (parent_headers - actual_headers) & self.interesting_headers
if len(self.interesting_headers):
diff = diff & self.interesting_headers

if len(diff):
self._report_issue(directive, parent, diff)
Expand Down

0 comments on commit 65e612a

Please sign in to comment.