commit 91808391a9e1d7d39c03afeb7e5ed3d51724420b Author: beu Date: Wed May 16 18:47:22 2018 +0200 first commit diff --git a/README.md b/README.md new file mode 100644 index 0000000..eecc556 --- /dev/null +++ b/README.md @@ -0,0 +1,5 @@ +# HTTPS+ Checker + +The extension quickly check if the website has HSTS, HPKP, DANE / TLSA and DNSSEC. + +Based on personnal API. diff --git a/httpspluschecker.zip b/httpspluschecker.zip new file mode 100644 index 0000000..a9457dc Binary files /dev/null and b/httpspluschecker.zip differ diff --git a/icon_x48.png b/icon_x48.png new file mode 100644 index 0000000..e257436 Binary files /dev/null and b/icon_x48.png differ diff --git a/icon_x96.png b/icon_x96.png new file mode 100644 index 0000000..0d1bd77 Binary files /dev/null and b/icon_x96.png differ diff --git a/manifest.json b/manifest.json new file mode 100644 index 0000000..bd49500 --- /dev/null +++ b/manifest.json @@ -0,0 +1,24 @@ +{ + "manifest_version": 2, + "name": "HTTPS+ Checker", + "version": "0.0.2", + "description": "Verification of security mechanisms complementary to HTTPS", + "permissions": [ + "tabs", + "webRequest", + "" + ], + "browser_action": { + "default_title": "HTTPS+ Checker", + "default_icon": { + "48": "icon_x48.png", + "96": "icon_x96.png" + }, + "default_popup": "popup/index.html" + }, + + "icons": { + "48": "icon_x48.png", + "96": "icon_x96.png" + } +} diff --git a/popup/dnssec.js b/popup/dnssec.js new file mode 100644 index 0000000..e9ec513 --- /dev/null +++ b/popup/dnssec.js @@ -0,0 +1,37 @@ + +var xhr = new XMLHttpRequest(); + +browser.tabs.query({ active: true, lastFocusedWindow: true }).then(function(tab) { + const url = new URL(tab[0].url); + if (url.protocol === "http:" || url.protocol === "https:" ) { + var host = url.hostname ; + + xhr.open('GET', 'https://httpspluschecker.virtit.fr/?domain=' + host, false); + xhr.send(); + + + value = JSON.parse(xhr.responseText); + + if (value['DNSSEC'] === true ) { + document.getElementById("dnssec").className = "success"; + } else { + document.getElementById("dnssec").className = "danger"; + } + if (value['DANE'] === true ) { + document.getElementById("dane").className = "success"; + } else { + document.getElementById("dane").className = "danger"; + } + if (value['HSTS'] === true ) { + document.getElementById("hsts").className = "success"; + } else { + document.getElementById("hsts").className = "danger"; + } + if (value['HPKP'] === true ) { + document.getElementById("hpkp").className = "success"; + } else { + document.getElementById("hpkp").className = "danger"; + } + } + +}); diff --git a/popup/index.html b/popup/index.html new file mode 100644 index 0000000..797f488 --- /dev/null +++ b/popup/index.html @@ -0,0 +1,21 @@ + + + + + + + + +

HTTPS+ Checker

+ + + + + + + + + +

HSTS	HPKP
DNSSEC	DANE/TLSA

+ + \ No newline at end of file diff --git a/popup/style.css b/popup/style.css new file mode 100644 index 0000000..7b0d258 --- /dev/null +++ b/popup/style.css @@ -0,0 +1,31 @@ +body { + width: 250px; +} + +table, td, th { + border: 1px solid black; +} +table { + border-collapse: collapse; + width: 95%; +} +td { + height: 30px; + text-align: center; + vertical-align: center; + width: 50%; +} +.success { + background-color: #dff0d8; +} +.danger { + background-color: #f2dede; +} +.loading { + background-color: #fff2e6; +} +.title { + text-align: center; + font-weight: bold; + font-size: 18px; +} \ No newline at end of file