[SecurityHeaders] Added a possibility for no follow redirects (#6212)

* Added a possibility for no follow redirects * Changed from noFollowRedirects to ignoreRedirects * Update services/security-headers/security-headers.service.js Co-authored-by: chris48s <chris48s@users.noreply.github.com> * correct test color Co-authored-by: chris48s <chris48s@users.noreply.github.com> Co-authored-by: Caleb Cartwright <calebcartwright@users.noreply.github.com> Co-authored-by: repo-ranger[bot] <39074581+repo-ranger[bot]@users.noreply.github.com>

[SecurityHeaders] Added a possibility for no follow redirects (#6212)
6128aa55 · Morten Bøgh · GitHub · cd3774aa · 6128aa55 · 6128aa55
Unverified Commit 6128aa55 authored 4 years ago by Morten Bøgh Committed by GitHub 4 years ago
--- a/services/security-headers/security-headers.service.js
+++ b/services/security-headers/security-headers.service.js
@@ -6,6 +6,7 @@ const { BaseService, NotFound } = require('..')
 const queryParamSchema = Joi.object({
  url: optionalUrl.required(),
+  ignoreRedirects: Joi.equal(''),
 }).required()
 const documentation = `
@@ -38,6 +39,15 @@ module.exports = class SecurityHeaders extends BaseService {
      }),
      documentation,
    },
+    {
+      title: "Security Headers (Don't follow redirects)",
+      namedParams: {},
+      queryParams: { url: 'https://www.shields.io', ignoreRedirects: null },
+      staticPreview: this.render({
+        grade: 'R',
+      }),
+      documentation,
+    },
  ]
  static defaultBadgeData = {
@@ -53,6 +63,7 @@ module.exports = class SecurityHeaders extends BaseService {
      D: 'orange',
      E: 'orange',
      F: 'red',
+      R: 'blue',
    }
    return {
@@ -61,7 +72,7 @@ module.exports = class SecurityHeaders extends BaseService {
    }
  }
-  async handle(namedParams, { url }) {
+  async handle(namedParams, { url, ignoreRedirects }) {
    const { res } = await this._request({
      url: `https://securityheaders.com`,
      options: {
@@ -69,7 +80,7 @@ module.exports = class SecurityHeaders extends BaseService {
        qs: {
          q: url,
          hide: 'on',
-          followRedirects: 'on',
+          followRedirects: ignoreRedirects !== undefined ? null : 'on',
        },
      },
    })

--- a/services/security-headers/security-headers.tester.js
+++ b/services/security-headers/security-headers.tester.js
@@ -2,6 +2,10 @@
 const t = (module.exports = require('../tester').createServiceTester())
-t.create('grade of http://shields.io')
+t.create('grade of https://shields.io')
  .get('/security-headers.json?url=https://shields.io')
  .expectBadge({ label: 'security headers', message: 'F', color: 'red' })
+t.create('grade of https://httpstat.us/301 as redirect')
+  .get('/security-headers.json?ignoreRedirects&url=https://httpstat.us/301')
+  .expectBadge({ label: 'security headers', message: 'R', color: 'blue' })