Documentation
¶
Overview ¶
Package custom hosts the non-scoring "additional findings" checks. Each check is small, focused and self-contained; new ones plug in by adding an entry to All(). Findings never contribute to the TLS or Headers grade — they surface as the `custom` array in the scan response.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Check ¶
type Check interface {
// ID returns the check identifier used in API payloads and the catalog
// (e.g. "custom.security_txt").
ID() string
// Run executes the check against target and returns its finding.
// Implementations must never return an error — transport failures are
// folded into the finding (typically as fail or info).
Run(ctx context.Context, target *safehttp.Target) scan.CustomFinding
}
Check is the pluggable interface every custom check implements.
type RobotsTxt ¶
type RobotsTxt struct{}
RobotsTxt is the robots.txt check. Its primary security relevance is information leak: a Disallow line publicly advertises that a path exists.
type SecurityTxt ¶
type SecurityTxt struct{}
SecurityTxt is the RFC 9116 check.
func (SecurityTxt) Run ¶
func (s SecurityTxt) Run(ctx context.Context, target *safehttp.Target) scan.CustomFinding
Run implements Check.
Source Files
Click to show internal directories.
Click to hide internal directories.