Jump to content

Question

Hi team,

I am new to bash ,I need one script  for Curl out put and compare my Company standard https security header values

curl -I https://www.facebook.com 

root@test2:/tmp/script# curl -I https://www.facebook.com
HTTP/1.1 200 OK
Set-Cookie: fr=1kjPgVD66lS3kYjYA..Be9zBn.U3.AAA.0.0.Be9zBn.AWUH9tfj; expires=Fri, 25-Sep-2020 11:41:26 GMT; Max-Age=7775999; path=/; domain=.facebook.com; secure; httponly
Set-Cookie: sb=ZzD3XqmqdoQjkrwaIdKtY_Tm; expires=Mon, 27-Jun-2022 11:41:27 GMT; Max-Age=63072000; path=/; domain=.facebook.com; secure; httponly
Cache-Control: private, no-cache, no-store, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15552000; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Type: text/html; charset="utf-8"
X-FB-Debug: dudKZnpdXhLfwBp1a8H2Kx4d4z2QPZ2SDwpiYKOXSD89BbUvEjT138T+rYetTnHv/guPrIO09baQeh7KJ5ERnQ==
Date: Sat, 27 Jun 2020 11:41:27 GMT
Transfer-Encoding: chunked
Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Connection: keep-alive

========================================

my company has std value like Strict-Transport-Security: 

Strict-Transport-Security max-age=31536000 ; includeSubDomains

but above out put is max-age=15552000; preload

 we need to compare and make it one table 

----

 

Link to post
Share on other sites

1 answer to this question

Recommended Posts

  • 0
On 6/27/2020 at 5:45 PM, bmbalasanthosh@gmail.com said:

Hi team,

I am new to bash ,I need one script  for Curl out put and compare my Company standard https security header values

curl -I https://www.facebook.com

root@test2:/tmp/script# curl -I https://www.facebook.com
HTTP/1.1 200 OK
Set-Cookie: fr=1kjPgVD66lS3kYjYA..Be9zBn.U3.AAA.0.0.Be9zBn.AWUH9tfj; expires=Fri, 25-Sep-2020 11:41:26 GMT; Max-Age=7775999; path=/; domain=.facebook.com; secure; httponly
Set-Cookie: sb=ZzD3XqmqdoQjkrwaIdKtY_Tm; expires=Mon, 27-Jun-2022 11:41:27 GMT; Max-Age=63072000; path=/; domain=.facebook.com; secure; httponly
Cache-Control: private, no-cache, no-store, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15552000; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Type: text/html; charset="utf-8"
X-FB-Debug: dudKZnpdXhLfwBp1a8H2Kx4d4z2QPZ2SDwpiYKOXSD89BbUvEjT138T+rYetTnHv/guPrIO09baQeh7KJ5ERnQ==
Date: Sat, 27 Jun 2020 11:41:27 GMT
Transfer-Encoding: chunked
Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Connection: keep-alive

========================================

my company has std value like Strict-Transport-Security: 

Strict-Transport-Security max-age=31536000 ; includeSubDomains

but above out put is max-age=15552000; preload

 we need to compare and make it one table 

----

 

Hi, 
Are you using  a cache server? If you are, which one? How did you set the Strict-Transport-Security header? 

Shovon

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...