SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 18:15:42 +01:00
Code Issues Releases Activity Actions

Add info for Req 8-10 if direct url was given and as such no checks were performed. (#401)

Browse source 
* Add info for Req 8-10 if direct url was given and as such no checks were performed.

* Update cmd/csaf_checker/processor.go

Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>

* Break overly long lines

---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
This commit is contained in:
JanHoefelmeyer 2023-07-13 15:59:23 +02:00 committed by GitHub
parent aeeb169111
commit f05bcd3642
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
cmd/csaf_checker/processor.go
View file

@ -340,6 +340,20 @@ func (p *processor) domainChecks(domain string) []func(*processor, string) error
if !direct { if !direct {
checks = append(checks, (*processor).checkWellknownSecurityDNS) checks = append(checks, (*processor).checkWellknownSecurityDNS)
} else {
p.badSecurity.use()
p.badSecurity.info(
"Performed no test of security.txt " +
"since the direct url of the provider-metadata.json was used.")
p.badWellknownMetadata.use()
p.badWellknownMetadata.info(
"Performed no test on whether the provider-metadata.json is available " +
"under the .well-known path " +
"since the direct url of the provider-metadata.json was used.")
p.badDNSPath.use()
p.badDNSPath.info(
"Performed no test on the contents of https://csaf.data.security.DOMAIN " +
"since the direct url of the provider-metadata.json was used.")
} }
checks = append(checks, checks = append(checks,