Index: openacs-4/packages/acs-admin/www/posture-overview.adp =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-admin/www/posture-overview.adp,v diff -u -r1.1.2.2 -r1.1.2.3 --- openacs-4/packages/acs-admin/www/posture-overview.adp 6 Aug 2024 14:36:54 -0000 1.1.2.2 +++ openacs-4/packages/acs-admin/www/posture-overview.adp 7 Aug 2024 13:03:08 -0000 1.1.2.3 @@ -102,6 +102,26 @@

+

Machine Readable Infomation for External Parties

+ + + + + + + + + + + + + + +
URLStatusDiagnosis
@machine_readable.url@@machine_readable.status@@machine_readable.diagnosis@ + (Details: @machine_readable.detailLabel@) +
+ +

Response Header Check

The following subset of security-related response header fields will be returned when the home page of this server is requested:

Index: openacs-4/packages/acs-admin/www/posture-overview.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-admin/www/posture-overview.tcl,v diff -u -r1.1.2.3 -r1.1.2.4 --- openacs-4/packages/acs-admin/www/posture-overview.tcl 7 Aug 2024 09:25:38 -0000 1.1.2.3 +++ openacs-4/packages/acs-admin/www/posture-overview.tcl 7 Aug 2024 13:03:08 -0000 1.1.2.4 @@ -169,8 +169,8 @@ set ssllabs_url https://www.ssllabs.com/ssltest/analyze.html?viaform=on&d=https://$host_header&hideResults=on } -template::multirow create link_check type \ - url status package_id permission_info diagnosis +template::multirow create link_check \ + type url status package_id permission_info diagnosis foreach {type url} [subst { internal /acs-service-contract/ @@ -193,7 +193,7 @@ set package_id [site_node::get_object_id -node_id $node_id] set parties [permission::get_parties_with_permission -object_id $package_id] set direct_permissions [::acs::dc list get {select grantee_id || ' ' || privilege from acs_permissions where object_id = :package_id}] - ns_log notice "direct_permissions $direct_permissions" + #ns_log notice "direct_permissions $direct_permissions" set direct_permissions [lmap p $direct_permissions { #ns_log notice "XXX [lindex $p 0] [ad_decode [lindex $p 0] -1 public -2 registered-users]" list [ad_decode [lindex $p 0] -1 public -2 "registered-users" [lindex $p 0]] [lindex $p 1] @@ -233,6 +233,46 @@ } +template::multirow create machine_readable url status diagnosis detailURL detailLabel + +foreach url { + /robots.txt + /security.txt +} { + try { + ns_http run -timeout 300ms $current_location$url + } on ok {result} { + set status [dict get $result status] + set diagnosis "" + set detailURL "" + set detailLabel "" + switch $status { + 200 {set diagnosis "publicly accessible"} + 404 { + set diagnosis "not provided" + switch $url { + /robots.txt { + set detailLabel "RFC 9309" + set detailURL https://datatracker.ietf.org/doc/html/rfc9309 + } + /security.txt { + set detailLabel "RFC 9116" + set detailURL https://www.rfc-editor.org/rfc/rfc9116 + } + } + } + } + #append diagnosis " $node_id $package_id ($parties) // [llength $parties] // $direct_permissions" + #append report "status $status $diagnose\n
" + } on error {errorMsg} { + set diagnosis $errorMsg + set status 0 + } + + template::multirow append machine_readable $url $status $diagnosis $detailURL $detailLabel +} + + template::multirow create hdr_check \ field value foreach url $current_location {