{ "info": { "author": "April King", "author_email": "april@mozilla.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Environment :: Web Environment", "Intended Audience :: Developers", "Intended Audience :: System Administrators", "License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)", "Natural Language :: English", "Topic :: Internet :: WWW/HTTP :: HTTP Servers", "Topic :: Security", "Topic :: Software Development :: Quality Assurance" ], "description": "Mozilla HTTP Observatory :: Command Line Utility\n================================================\n\nThis repository is for the HTTP Observatory command line utility. If\nyou're looking for the code for the HTTP Observatory itself, it can be\nfound `here `__.\n\nGetting started with the HTTP Observatory\n-----------------------------------------\n\nFirst, install the client:\n\n.. code:: bash\n\n $ pip install httpobs-cli\n\nAnd then scan websites to your heart's content, using our hosted\nservice:\n\n::\n\n $ httpobs www.mozilla.org\n Score: 30 [E]\n Modifiers:\n [ -5] Initial redirection from http to https is to a different host, preventing HSTS\n [ -5] Subresource Integrity (SRI) not implemented, but all external scripts are loaded over https\n [ -5] X-Content-Type-Options header not implemented\n [ -10] X-XSS-Protection header not implemented\n [ -20] HTTP Strict Transport Security (HSTS) header not implemented\n [ -25] Content Security Policy (CSP) header not implemented\n\n $ httpobs www.google.com\n Score: 35 [D-]\n Modifiers:\n [ +5] Preloaded via the HTTP Public Key Pinning (HPKP) preloading process\n [ -5] X-Content-Type-Options header not implemented\n [ -20] Cookies set without using the Secure flag or set over http\n [ -20] HTTP Strict Transport Security (HSTS) header not implemented\n [ -25] Content Security Policy (CSP) header not implemented\n\n $ httpobs --zero github.com\n Score: 120 [A+]\n Modifiers:\n [ +5] HTTP Public Key Pinning (HPKP) header set to a minimum of 15 days (1296000)\n [ +5] Preloaded via the HTTP Strict Transport Security (HSTS) preloading process\n [ +5] Subresource Integrity (SRI) is implemented and all scripts are loaded from a similar origin\n [ +5] X-Frame-Options (XFO) implemented via the CSP frame-ancestors directive\n [ 0] All cookies use the Secure flag and all session cookies use the HttpOnly flag\n [ 0] Content Security Policy (CSP) implemented with 'unsafe-inline' inside style-src\n [ 0] Content is not visible via cross-origin resource sharing (CORS) files or headers\n [ 0] Contribute.json isn't required on websites that don't belong to Mozilla\n [ 0] Initial redirection is to https on same host, final destination is https\n [ 0] X-Content-Type-Options header set to \"nosniff\"\n [ 0] X-XSS-Protection header set to \"1; mode=block\"\n\nIf you want additional options, such as to see the raw scan output, use\n``httpobs --help``:\n\n::\n\n $ httpobs --help\n usage: httpobs [options] host\n\n positional arguments:\n host hostname of the website to scan\n\n optional arguments:\n -h, --help show this help message and exit\n -d, --debug output only raw JSON from scan and tests\n -r, --rescan initiate a rescan instead of showing recent scan results\n -v, --verbose display progress indicator\n -x, --hidden don't list scan in the recent scan results\n -z, --zero show test results that don't affect the final score\n\nAuthors\n-------\n\n- April King\n\nLicense\n-------\n\n- Mozilla Public License Version 2.0", "description_content_type": null, "docs_url": null, "download_url": "https://github.com/mozilla/http-observatory-cli/httpobs-cli/tarball/1.0.2", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/mozilla/http-observatory-cli", "keywords": null, "license": "MPL 2.0", "maintainer": null, "maintainer_email": null, "name": "httpobs-cli", "package_url": "https://pypi.org/project/httpobs-cli/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/httpobs-cli/", "project_urls": { "Download": "https://github.com/mozilla/http-observatory-cli/httpobs-cli/tarball/1.0.2", "Homepage": "https://github.com/mozilla/http-observatory-cli" }, "release_url": "https://pypi.org/project/httpobs-cli/1.0.2/", "requires_dist": null, "requires_python": null, "summary": "HTTP Observatory: a command line tool to scan your website", "version": "1.0.2" }, "last_serial": 2065979, "releases": { "1.0.1": [ { "comment_text": "", "digests": { "md5": "4f77eb0c3bf72ab4923810039fcf4d8d", "sha256": "0df94c187f06a64d349c1646684d28edda6775a61f4ea6a3088618f251af4231" }, "downloads": -1, "filename": "httpobs-cli-1.0.1.tar.gz", "has_sig": false, "md5_digest": "4f77eb0c3bf72ab4923810039fcf4d8d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 10276, "upload_time": "2016-04-15T17:46:35", "url": "https://files.pythonhosted.org/packages/e7/3a/63877df1cca1885b10737188ca531a04ba6b1dd9c1463061bb6ff0453c95/httpobs-cli-1.0.1.tar.gz" } ], "1.0.2": [ { "comment_text": "", "digests": { "md5": "4924b49db78f340922a58317860ba5ea", "sha256": "6499b99b4298e9a217361bff7c8679954fd966891e02eb4bdbe0d4f95b02e67f" }, "downloads": -1, "filename": "httpobs-cli-1.0.2.tar.gz", "has_sig": false, "md5_digest": "4924b49db78f340922a58317860ba5ea", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 11825, "upload_time": "2016-04-15T18:19:08", "url": "https://files.pythonhosted.org/packages/d8/5e/798da17abe2975129f76a59a48f165c07eaab3e35d71a7907d5e136c9664/httpobs-cli-1.0.2.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "4924b49db78f340922a58317860ba5ea", "sha256": "6499b99b4298e9a217361bff7c8679954fd966891e02eb4bdbe0d4f95b02e67f" }, "downloads": -1, "filename": "httpobs-cli-1.0.2.tar.gz", "has_sig": false, "md5_digest": "4924b49db78f340922a58317860ba5ea", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 11825, "upload_time": "2016-04-15T18:19:08", "url": "https://files.pythonhosted.org/packages/d8/5e/798da17abe2975129f76a59a48f165c07eaab3e35d71a7907d5e136c9664/httpobs-cli-1.0.2.tar.gz" } ] }