AutomatedTester · April 20, 2011 18:32
diff --git a/loki.py b/loki.py
 #!/usr/bin/python
 from optparse import OptionParser
 def main(urls):

    import urllib2
    response = urllib2.urlopen(urls)
    try:
        print "Checking for HTTPS"
        assert "https://" in response.geturl(), "Have not been redirected to HTTPS"
        print "Redirected to HTTPS version of site"
    except AssertionError, e:
        print str(e)

    try:
        response_headers = response.headers.headers
        headers = _clean_header(response_headers)
        print "Checking x-frame-options"
        assert headers["x-frame-options"] == "DENY" or \
            headers["x-frame-options"] == "SAMEORIGIN", \
            "x-frame-options were: %s" % headers["x-frame-options"]
        print "x-frame-options are correct"
    except AssertionError, e:
        print str(e)

    try:
        print "Checking TRACE is not valid"
        import httplib
        request = httplib.HTTPConnection(urls)
        request.request("TRACE", "/")
        request.getresponse()
        raise Exception("TRACE is a valid HTTP call")
    except httplib.BadStatusLine, e:
        print "TRACE is not valid"
    except Exception, e:
        print str(e)

 def _clean_header(response_headers):
    headers = {}
    for head in response_headers:
        lst = head.strip(" \r\n").split(":")
        headers[lst[0]] = lst[1].strip()
    return headers



 if __name__ == "__main__":
    usage = "Usage: %prog [option] arg"
    parser = OptionParser(usage=usage)
    parser.add_option("-u", "--url", action="store", type="string",
                    dest="aut", help="Url to be tested")
    parser.add_option("-f", "--file", action="store", type="string",
                    dest="file_name", 
                    help="File name with URLS to test, Currently not available")

    (options, args) = parser.parse_args()

    main(options.aut)
	#!/usr/bin/python
	from optparse import OptionParser
	def main(urls):

	import urllib2
	response = urllib2.urlopen(urls)
	try:
	print "Checking for HTTPS"
	assert "https://" in response.geturl(), "Have not been redirected to HTTPS"
	print "Redirected to HTTPS version of site"
	except AssertionError, e:
	print str(e)

	try:
	response_headers = response.headers.headers
	headers = _clean_header(response_headers)
	print "Checking x-frame-options"
	assert headers["x-frame-options"] == "DENY" or \
	headers["x-frame-options"] == "SAMEORIGIN", \
	"x-frame-options were: %s" % headers["x-frame-options"]
	print "x-frame-options are correct"
	except AssertionError, e:
	print str(e)

	try:
	print "Checking TRACE is not valid"
	import httplib
	request = httplib.HTTPConnection(urls)
	request.request("TRACE", "/")
	request.getresponse()
	raise Exception("TRACE is a valid HTTP call")
	except httplib.BadStatusLine, e:
	print "TRACE is not valid"
	except Exception, e:
	print str(e)

	def _clean_header(response_headers):
	headers = {}
	for head in response_headers:
	lst = head.strip(" \r\n").split(":")
	headers[lst[0]] = lst[1].strip()
	return headers



	if __name__ == "__main__":
	usage = "Usage: %prog [option] arg"
	parser = OptionParser(usage=usage)
	parser.add_option("-u", "--url", action="store", type="string",
	dest="aut", help="Url to be tested")
	parser.add_option("-f", "--file", action="store", type="string",
	dest="file_name",
	help="File name with URLS to test, Currently not available")

	(options, args) = parser.parse_args()

	main(options.aut)
No results found