Referrer Policy is added

adesso-as-a-service · Oct 2, 2019 · 13812e8 · 13812e8
1 parent 8b769cb
commit 13812e8
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 1 deletion.
diff --git a/.gitignore b/.gitignore
@@ -5,4 +5,6 @@ results
 settings.json
 sql_config.json
 *.exe
-*.txt
+*.txt
+.idea/
+.vscode/
diff --git a/apis/observatory/Observatory.sql b/apis/observatory/Observatory.sql
@@ -40,6 +40,9 @@ CREATE TABLE [ObservatoryV10](
 	[XFrameOptionsPassed] [bit] NULL,
 	[XFrameOptionsResult] [nvarchar](100) NULL,
 	[XFrameOptionsDesc] [nvarchar](250) NULL,
+	[ReferrerPolicyPassed] [bit] NULL,
+	[ReferrerPolicyDesc] [nvarchar](100) NULL,
+	[ReferrerPolicyResult] [nvarchar](250) NULL,
  CONSTRAINT [PK_ObservatoryV10] PRIMARY KEY CLUSTERED 
 (
 	[ScanID] ASC,

diff --git a/apis/observatory/observatory.go b/apis/observatory/observatory.go
@@ -69,6 +69,11 @@ type TableRow struct {
 	XXSSProtectionDesc   string
 
 	ScanStatus int
+
+	//referrer-policy
+	ReferrerPolicyPassed	bool
+	ReferrerPolicyResult	string
+	ReferrerPolicyDesc		string
 }
 
 // maximum Number of parallel Scans
@@ -312,6 +317,21 @@ type ScanResults struct {
 		ScoreDescription string `json:"score_description"`
 		ScoreModifier    int    `json:"score_modifier"`
 	} `json:"x-xss-protection"`
+
+	//referrer-policy
+	ReferrerPolicy struct{
+		Expectation string `json:"expectation"`
+		Name        string `json:"name"`
+		Output      struct {
+			Data	interface{} `json:"data"`
+			Http	bool		`json:"http"`
+			Meta	bool		`json:"meta"`
+		} `json:"output"`
+		Pass             bool   `json:"pass"`
+		Result           string `json:"result"`
+		ScoreDescription string `json:"score_description"`
+		ScoreModifier    int    `json:"score_modifier"`
+	} `json:"referrer-policy"`
 }
 
 // invokeObservatoryAnalyzation starts an HTTP-Observatory assessment and polls
@@ -524,6 +544,12 @@ func parseResult(obsResult ScanResults, obsAnaly AnalyzeResult) TableRow {
 	row.XXSSProtectionPassed = obsResult.XXSSProtection.Pass
 	row.XXSSProtectionDesc = hooks.Truncate(obsResult.XXSSProtection.ScoreDescription, 250)
 	row.XXSSProtectionResult = hooks.Truncate(obsResult.XXSSProtection.Result, 100)
+
+	//referrer-policy
+	row.ReferrerPolicyPassed = obsResult.ReferrerPolicy.Pass
+	row.ReferrerPolicyDesc = hooks.Truncate(obsResult.ReferrerPolicy.ScoreDescription, 250)
+	row.ReferrerPolicyResult = hooks.Truncate(obsResult.ReferrerPolicy.Result, 100)
+
 	return row
 }