Class: Contrast::Agent::Assess::Rule::Response::HSTSHeader
- Inherits:
-
HeaderRule
- Object
- BaseRule
- HeaderRule
- Contrast::Agent::Assess::Rule::Response::HSTSHeader
- Defined in:
- lib/contrast/agent/assess/rule/response/hsts_header_rule.rb
Overview
This rule checks if the HTTP Headers include HSTS header and ensures that the max-age value is set to a value greater than 0.
Constant Summary collapse
- HEADER_KEYS =
%w[Strict-Transport-Security].cs__freeze
- ACCEPTED_VALUES =
[/max-age=(\.)?\d+(\.\d*)?/].cs__freeze
- DEFAULT_SAFE =
false
Constants inherited from HeaderRule
Contrast::Agent::Assess::Rule::Response::HeaderRule::HEADER_TYPE
Constants inherited from BaseRule
Instance Method Summary collapse
Methods inherited from HeaderRule
#analyze_response?, #headers?, #violated?
Methods inherited from BaseRule
Instance Method Details
#rule_id ⇒ Object
19 20 21 |
# File 'lib/contrast/agent/assess/rule/response/hsts_header_rule.rb', line 19 def rule_id 'hsts-header-missing' end |