Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
tree: 3e39a73e76
Fetching contributors…

Cannot retrieve contributors at this time

executable file 94 lines (83 sloc) 2.779 kb
#!/usr/bin/env node
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
const
https = require('https'),
und = require('underscore'),
util = require('util'),
primary = require('../lib/primary'),
logging = require('../lib/logging.js');
logging.enableConsoleLogging();
if (process.argv.length !== 3) {
console.log('Checks to see if a domain has a proper declaration of support as a browserid primary');
console.log('Usage:', process.argv[1], '<domain>');
process.exit(1);
}
var domain = process.argv[2];
primary.checkSupport(domain, function(err, urls, publicKey) {
if (err) {
process.stderr.write("error: " + err + "\n");
process.exit(1);
}
console.log('Priary domain: ', domain);
console.log('Public Key: ', publicKey);
getResource('auth', urls.auth, urls, function () {
getResource('prov', urls.prov, urls);
});
});
/**
* Retrieve one of their urls and examine aspects of it for issues
*/
function getResource(mode, url, urls, cb) {
console.log('Checking ', url);
var body = "",
r = https.request({
host: domain,
path: url,
method: 'GET'
}, checkResource(urls, body));
r.on('data', function (chunk) {
body += chunk;
});
r.on('error', function (e) {
console.log("ERROR: ", e.message);
});
r.on('close', function () {
var includes = {
'auth': '/authentication_api.js',
'prov': '/provisioning_api.js'
};
if (body.indexOf(util.format("https://browserid.org%s", includes[mode])) == -1 &&
body.indexOf(util.format("https://diresworb.org%s", includes[mode])) == -1 &&
body.indexOf(util.format("https://dev.diresworb.org%s", includes[mode])) == -1) {
console.log(util.format("WARNING: No https://browserid.org/%s script tag detected", includes[mode]));
}
if (cb) {
cb();
}
});
r.end();
};
/**
* Called once we have a response.
*
* Do the provisioning and signin resources look kosher?
*/
function checkResource (urls, body) {
return function (resp) {
// Their are no X-Frame options
if (resp.statusCode != 200) {
console.log("ERROR: HTTP status code=", resp.statusCode);
} else {
var xframe = und.filter(Object.keys(resp.headers), function (header) {
return header.toLowerCase() == 'x-frame-options';
});
if (xframe.length == 1) {
console.log("ERROR: X-Frame-Options=", resp.headers[xframe[0]], ", BrowserID will not be able to communicate with your site." +
" Suppress X-Frame-Options for /.well-known/browserid, " + urls.auth + ' and ' + urls.prov);
}
resp.setEncoding('utf8');
}
};
};
Jump to Line
Something went wrong with that request. Please try again.