commit
91808391a9
8 changed files with 118 additions and 0 deletions
@ -0,0 +1,5 @@
|
||||
# HTTPS+ Checker |
||||
|
||||
The extension quickly check if the website has HSTS, HPKP, DANE / TLSA and DNSSEC. |
||||
|
||||
Based on personnal API. |
Binary file not shown.
After Width: | Height: | Size: 9.2 KiB |
After Width: | Height: | Size: 36 KiB |
@ -0,0 +1,24 @@
|
||||
{ |
||||
"manifest_version": 2, |
||||
"name": "HTTPS+ Checker", |
||||
"version": "0.0.2", |
||||
"description": "Verification of security mechanisms complementary to HTTPS", |
||||
"permissions": [ |
||||
"tabs", |
||||
"webRequest", |
||||
"<all_urls>" |
||||
], |
||||
"browser_action": { |
||||
"default_title": "HTTPS+ Checker", |
||||
"default_icon": { |
||||
"48": "icon_x48.png", |
||||
"96": "icon_x96.png" |
||||
}, |
||||
"default_popup": "popup/index.html" |
||||
}, |
||||
|
||||
"icons": { |
||||
"48": "icon_x48.png", |
||||
"96": "icon_x96.png" |
||||
} |
||||
} |
@ -0,0 +1,37 @@
|
||||
|
||||
var xhr = new XMLHttpRequest(); |
||||
|
||||
browser.tabs.query({ active: true, lastFocusedWindow: true }).then(function(tab) { |
||||
const url = new URL(tab[0].url); |
||||
if (url.protocol === "http:" || url.protocol === "https:" ) { |
||||
var host = url.hostname ; |
||||
|
||||
xhr.open('GET', 'https://httpspluschecker.virtit.fr/?domain=' + host, false); |
||||
xhr.send(); |
||||
|
||||
|
||||
value = JSON.parse(xhr.responseText); |
||||
|
||||
if (value['DNSSEC'] === true ) { |
||||
document.getElementById("dnssec").className = "success"; |
||||
} else { |
||||
document.getElementById("dnssec").className = "danger";
|
||||
} |
||||
if (value['DANE'] === true ) { |
||||
document.getElementById("dane").className = "success"; |
||||
} else { |
||||
document.getElementById("dane").className = "danger"; |
||||
}
|
||||
if (value['HSTS'] === true ) { |
||||
document.getElementById("hsts").className = "success"; |
||||
} else { |
||||
document.getElementById("hsts").className = "danger"; |
||||
}
|
||||
if (value['HPKP'] === true ) { |
||||
document.getElementById("hpkp").className = "success"; |
||||
} else { |
||||
document.getElementById("hpkp").className = "danger"; |
||||
}
|
||||
} |
||||
|
||||
}); |
@ -0,0 +1,21 @@
|
||||
<html> |
||||
<head> |
||||
<meta charset="utf-8"> |
||||
<link rel="stylesheet" href=" style.css"> |
||||
<script type="text/javascript" src="dnssec.js"></script> |
||||
</head> |
||||
|
||||
<body> |
||||
<div class="title">HTTPS+ Checker</div> |
||||
<table align="center" "> |
||||
<tr> |
||||
<td id="hsts" class="loading"><a href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security">HSTS</a></td> |
||||
<td id="hpkp" class="loading"><a href="https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning">HPKP</td> |
||||
</tr> |
||||
<tr> |
||||
<td id="dnssec" class="loading"><a href="https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions">DNSSEC</td> |
||||
<td id="dane" class="loading"><a href="https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities">DANE/TLSA</td> |
||||
</tr> |
||||
</table> |
||||
</body> |
||||
</html> |
@ -0,0 +1,31 @@
|
||||
body { |
||||
width: 250px; |
||||
} |
||||
|
||||
table, td, th { |
||||
border: 1px solid black; |
||||
} |
||||
table { |
||||
border-collapse: collapse; |
||||
width: 95%; |
||||
} |
||||
td { |
||||
height: 30px; |
||||
text-align: center; |
||||
vertical-align: center; |
||||
width: 50%; |
||||
} |
||||
.success { |
||||
background-color: #dff0d8; |
||||
} |
||||
.danger { |
||||
background-color: #f2dede; |
||||
} |
||||
.loading { |
||||
background-color: #fff2e6; |
||||
} |
||||
.title { |
||||
text-align: center; |
||||
font-weight: bold; |
||||
font-size: 18px; |
||||
} |
Loading…
Reference in new issue