VirtIT/wext-httpspluschecker
2
0
Fork 0
Code Issues Pull Requests Releases 2 Wiki Activity

first commit

Browse Source
This commit is contained in:
Beu 2018-05-16 18:47:22 +02:00
commit 91808391a9
8 changed files with 118 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md Normal file
View File

@ -0,0 +1,5 @@
# HTTPS+ Checker
The extension quickly check if the website has HSTS, HPKP, DANE / TLSA and DNSSEC.
Based on personnal API.

BIN
httpspluschecker.zip Normal file
View File

Binary file not shown.

BIN
icon_x48.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 9.2 KiB

BIN
icon_x96.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 36 KiB

24
manifest.json Normal file
View File

@ -0,0 +1,24 @@
{
"manifest_version": 2,
"name": "HTTPS+ Checker",
"version": "0.0.2",
"description": "Verification of security mechanisms complementary to HTTPS",
"permissions": [
"tabs",
"webRequest",
"<all_urls>"
],
"browser_action": {
"default_title": "HTTPS+ Checker",
"default_icon": {
"48": "icon_x48.png",
"96": "icon_x96.png"
},
"default_popup": "popup/index.html"
},
"icons": {
"48": "icon_x48.png",
"96": "icon_x96.png"
}
}

37
popup/dnssec.js Normal file
View File

@ -0,0 +1,37 @@
var xhr = new XMLHttpRequest();
browser.tabs.query({ active: true, lastFocusedWindow: true }).then(function(tab) {
const url = new URL(tab[0].url);
if (url.protocol === "http:" || url.protocol === "https:" ) {
var host = url.hostname ;
xhr.open('GET', 'https://httpspluschecker.virtit.fr/?domain=' + host, false);
xhr.send();
value = JSON.parse(xhr.responseText);
if (value['DNSSEC'] === true ) {
document.getElementById("dnssec").className = "success";
} else {
document.getElementById("dnssec").className = "danger";
}
if (value['DANE'] === true ) {
document.getElementById("dane").className = "success";
} else {
document.getElementById("dane").className = "danger";
}
if (value['HSTS'] === true ) {
document.getElementById("hsts").className = "success";
} else {
document.getElementById("hsts").className = "danger";
}
if (value['HPKP'] === true ) {
document.getElementById("hpkp").className = "success";
} else {
document.getElementById("hpkp").className = "danger";
}
}
});

21
popup/index.html Normal file
View File

@ -0,0 +1,21 @@
<html>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href=" style.css">
<script type="text/javascript" src="dnssec.js"></script>
</head>
<body>
<div class="title">HTTPS+ Checker</div>
<table align="center" ">
<tr>
<td id="hsts" class="loading"><a href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security">HSTS</a></td>
<td id="hpkp" class="loading"><a href="https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning">HPKP</td>
</tr>
<tr>
<td id="dnssec" class="loading"><a href="https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions">DNSSEC</td>
<td id="dane" class="loading"><a href="https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities">DANE/TLSA</td>
</tr>
</table>
</body>
</html>

31
popup/style.css Normal file
View File

@ -0,0 +1,31 @@
body {
width: 250px;
}
table, td, th {
border: 1px solid black;
}
table {
border-collapse: collapse;
width: 95%;
}
td {
height: 30px;
text-align: center;
vertical-align: center;
width: 50%;
}
.success {
background-color: #dff0d8;
}
.danger {
background-color: #f2dede;
}
.loading {
background-color: #fff2e6;
}
.title {
text-align: center;
font-weight: bold;
font-size: 18px;
}