Adds HSTS docs, makes TXT recors span 2 cols, checks for WhoIs API empty

2025-02-10 15:39:39 +01:00 · 2023-07-16 23:43:50 +01:00 · 2023-07-16 23:43:50 +01:00 · 20aaa77baf
commit 20aaa77baf
parent d50ca829fb
3 changed files with 31 additions and 1 deletions
--- a/src/components/Results/TxtRecords.tsx
+++ b/src/components/Results/TxtRecords.tsx
@ -2,7 +2,10 @@
 import { Card } from 'components/Form/Card';
 import Row from 'components/Form/Row';

-const cardStyles = '';
+const cardStyles = `
+grid-column: span 2;
+span.val { max-width: 32rem; }
+`;

 const TxtRecordCard = (props: {data: any, title: string, actionButtons: any }): JSX.Element => {
  const records = props.data;
--- a/src/utils/docs.ts
+++ b/src/utils/docs.ts
@ -268,6 +268,28 @@ const docs: Doc[] = [
    resources: [],
    screenshot: 'https://i.ibb.co/gP4P6kp/wc-features.png',
  },
+  {
+    id: "hsts",
+    title: "HTTP Strict Transport Security",
+    description: 'HTTP Strict Transport Security (HSTS) is a web security policy '
+    +'mechanism that helps protect websites against protocol downgrade attacks and '
+    + 'cookie hijacking. A website can be included in the HSTS preload list by '
+    + 'conforming to a set of requirements and then submitting itself to the list.',
+    use: `There are several reasons why it\'s important for a site to be HSTS enabled:
+  1. User bookmarks or manually types http://example.com and is subject to a man-in-the-middle attacker
+    HSTS automatically redirects HTTP requests to HTTPS for the target domain
+  2. Web application that is intended to be purely HTTPS inadvertently contains HTTP links or serves content over HTTP
+    HSTS automatically redirects HTTP requests to HTTPS for the target domain
+  3. A man-in-the-middle attacker attempts to intercept traffic from a victim user using an invalid certificate and hopes the user will accept the bad certificate
+    HSTS does not allow a user to override the invalid certificate message
+    `,
+    resources: [
+      'https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security',
+      'https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html',
+      'https://hstspreload.org/'
+    ],
+    screenshot: 'https://i.ibb.co/k253fq4/Screenshot-from-2023-07-17-20-10-52.png',
+  },
 ];

 export const about = [
--- a/src/utils/result-processor.ts
+++ b/src/utils/result-processor.ts
@ -187,6 +187,11 @@ export const parseRobotsTxt = (content: string): { robots: RowProps[] } => {
 }

 export const applyWhoIsResults = (response: any) => {
+  if (response.status !== '0') {
+    return {
+      error: response.status_desc,
+    }
+  }
  const whoIsResults: Whois = {
    created: response.date_created,
    expires: response.date_expires,