Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

new_audit: use a strong HSTS policy #16257

Merged
merged 23 commits into from
Dec 3, 2024
Merged

new_audit: use a strong HSTS policy #16257

merged 23 commits into from
Dec 3, 2024

Conversation

sebastian9er
Copy link
Contributor

Summary

Adding a new audit to Ligththouse, which detects deviations from an optimal HSTS header deployment.

Part of a larger change to introduce more similar header deployments.

Link to documentation is pending internal discussions (@adamraine FYI, either of us can update the Link here once we have the blog post done).

@sebastian9er sebastian9er requested a review from a team as a code owner November 19, 2024 09:32
@sebastian9er sebastian9er requested review from adamraine and removed request for a team November 19, 2024 09:32
@adamraine adamraine changed the title Adding the HSTS audit to Lighthouse new_audit: HSTS policy check Nov 19, 2024
adamraine
adamraine reviewed Nov 19, 2024
View reviewed changes
cli/test/smokehouse/test-definitions/hsts-fully-present.js Show resolved Hide resolved
core/audits/has-hsts.js Show resolved Hide resolved
core/audits/has-hsts.js Outdated Show resolved Hide resolved
core/audits/has-hsts.js Outdated Show resolved Hide resolved
core/config/default-config.js Show resolved Hide resolved
core/test/audits/has-hsts-test.js Outdated Show resolved Hide resolved
core/audits/has-hsts.js Outdated Show resolved Hide resolved
@adamraine adamraine changed the title new_audit: HSTS policy check new_audit: has HSTS Nov 19, 2024
sebastian9er added a commit to sebastian9er/lighthouse that referenced this pull request Nov 21, 2024
@sebastian9er
Adding changes to COOP audit similar to HSTS audit (recommendations f…
b2851bf 
…rom GoogleChrome#16257).
adamraine
adamraine reviewed Nov 21, 2024
View reviewed changes
core/audits/has-hsts.js Outdated Show resolved Hide resolved
core/audits/has-hsts.js Outdated Show resolved Hide resolved
core/test/audits/has-hsts-test.js Outdated Show resolved Hide resolved
core/test/audits/has-hsts-test.js Outdated Show resolved Hide resolved
adamraine
adamraine reviewed Nov 21, 2024
View reviewed changes
core/audits/has-hsts.js Outdated Show resolved Hide resolved
@sebastian9er
Fix several issues from PR GoogleChrome#16257: Poperly hide audit unt…
46c9aa1 
…il docs are published, some text phrasings and the smoke test assertions.
adamraine
adamraine approved these changes Nov 22, 2024
View reviewed changes
Copy link
Member

@adamraine adamraine left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall LGTM! Thanks for the contributions!

core/audits/has-hsts.js Outdated Show resolved Hide resolved
core/audits/has-hsts.js Outdated Show resolved Hide resolved
core/audits/has-hsts.js Outdated Show resolved Hide resolved
core/audits/has-hsts.js Outdated Show resolved Hide resolved
core/audits/has-hsts.js Outdated Show resolved Hide resolved
core/audits/has-hsts.js Show resolved Hide resolved
@adamraine adamraine changed the title new_audit: has HSTS new_audit: use a strong HSTS policy Nov 22, 2024
@sebastian9er
Copy link
Contributor Author

Thanks Adam! Is there anything left to do from my side here?

@adamraine
Copy link
Member

Thanks Adam! Is there anything left to do from my side here?

Don't think so!

@sebastian9er
Copy link
Contributor Author

Thanks for including the proper Link, Adam!

I didn't know when my doc got pushed to https://developer.chrome.com/docs/lighthouse/best-practices/has-hsts.

But that was actually quite fast :D

@sebastian9er
Copy link
Contributor Author

Ran update:sample-json to account for the string change in the last commit.

@adamraine adamraine merged commit 23d322f into GoogleChrome:main Dec 3, 2024
24 checks passed
sebastian9er added a commit to sebastian9er/lighthouse that referenced this pull request Dec 4, 2024
@sebastian9er
Adding changes to COOP audit similar to HSTS audit (recommendations f…
03a8baa 
…rom GoogleChrome#16257).
sebastian9er added a commit to sebastian9er/lighthouse that referenced this pull request Dec 4, 2024
@sebastian9er
Adding changes to COOP audit similar to HSTS audit (recommendations f…
cb31a01 
…rom GoogleChrome#16257).
sebastian9er added a commit to sebastian9er/lighthouse that referenced this pull request Dec 4, 2024
@sebastian9er
Adding changes to COOP audit similar to HSTS audit (recommendations f…
f91ebe6 
…rom GoogleChrome#16257).
sebastian9er added a commit to sebastian9er/lighthouse that referenced this pull request Dec 4, 2024
@sebastian9er
Adding changes to COOP audit similar to HSTS audit (recommendations f…
7d7afbf 
…rom GoogleChrome#16257).
@sebastian9er sebastian9er mentioned this pull request Dec 18, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adamraine adamraine adamraine approved these changes

Assignees

@adamraine adamraine

Labels
waiting4reviewer
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sebastian9er @adamraine @devtools-bot