Remove hsts age rule (#3827)

canada-ca · Jul 14, 2022 · a84caad · a84caad
1 parent 887a87c
commit a84caad
Show file tree

Hide file tree

Showing 6 changed files with 3 additions and 25 deletions.
diff --git a/guidance/chartSummaryCriteria.json b/guidance/chartSummaryCriteria.json
@@ -13,7 +13,6 @@
                 "https7",
                 "https8",
                 "https9",
-                "https10",
                 "https13",
                 "https14",
                 "https15",

diff --git a/guidance/scanSummaryCriteria.json b/guidance/scanSummaryCriteria.json
@@ -10,7 +10,6 @@
             "https7",
             "https8",
             "https9",
-            "https10",
             "https13",
             "https14",
             "https15"

diff --git a/scanners/https-processor/https_processor.py b/scanners/https-processor/https_processor.py
@@ -89,20 +89,12 @@ def process_https(results, domain_key, user_key, shared_id):
             if isinstance(hsts, str):
                 hsts = hsts.lower()
 
-                if hsts == "hsts max age too short":
-                    negative_tags.append("https10")
-
-                elif hsts == "no hsts":
+                if hsts == "no hsts":
                     negative_tags.append("https9")
 
             # HSTS Age
             hsts_age = results.get("hsts_age", None)
 
-            if hsts_age is not None:
-                if hsts_age < 31536000:
-                    if "https9" not in negative_tags and "https10" not in negative_tags:
-                        negative_tags.append("https10")
-
             # Preload Status
             preload_status = results.get("preload_status", None)
 
@@ -152,7 +144,7 @@ def process_https(results, domain_key, user_key, shared_id):
         "negativeTags": negative_tags,
     }
 
-    hsts_tags = ["https9", "https10"]
+    hsts_tags = ["https9"]
 
     # get https status
     if "https17" in neutral_tags:

diff --git a/scanners/https-processor/result_processor.py b/scanners/https-processor/result_processor.py
@@ -82,20 +82,12 @@ def process_https(results, domain_key, user_key, db, shared_id):
             if isinstance(hsts, str):
                 hsts = hsts.lower()
 
-                if hsts == "hsts max age too short":
-                    negative_tags.append("https10")
-
-                elif hsts == "no hsts":
+                if hsts == "no hsts":
                     negative_tags.append("https9")
 
             # HSTS Age
             hsts_age = results.get("hsts_age", None)
 
-            if hsts_age is not None:
-                if hsts_age < 31536000:
-                    if "https9" not in negative_tags and "https10" not in negative_tags:
-                        negative_tags.append("https10")
-
             # Preload Status
             preload_status = results.get("preload_status", None)
 

diff --git a/services/guidance/guidance.json b/services/guidance/guidance.json
@@ -2436,7 +2436,6 @@
           "https7",
           "https8",
           "https9",
-          "https10",
           "https13",
           "https14",
           "https15"
@@ -2514,7 +2513,6 @@
           "https7",
           "https8",
           "https9",
-          "https10",
           "https13",
           "https14",
           "https15",

diff --git a/services/summaries/tests/test_data.py b/services/summaries/tests/test_data.py
@@ -11,7 +11,6 @@
             "https7",
             "https8",
             "https9",
-            "https10",
             "https11",
             "https12",
             "https13",
@@ -38,7 +37,6 @@
             "https7",
             "https8",
             "https9",
-            "https10",
             "https11",
             "https12",
             "https13",