|
1 | | -#SSL-Yeah! |
| 1 | +# SSL-Yeah! |
2 | 2 | SSL-Yeah is a simple HTTPS verification tool for websites and ruleset creator for HTTPS Everywhere. |
3 | 3 |
|
4 | | -##Getting Started |
| 4 | +## Getting Started |
5 | 5 |
|
6 | 6 | 1. Install NodeJS on your system (http://nodejs.org/) |
7 | 7 | 2. Download SSL-Yeah |
8 | 8 | 3. `npm install` from the SSL-Yeah Folder. |
9 | 9 | 3. Run the script! |
10 | 10 |
|
11 | | -##Usage |
| 11 | +## Usage |
12 | 12 |
|
13 | | -###Settings |
14 | | -For the time being, the settings cannot be changed at runtime. You can configure SSL-Yeah prior to running the script in settings.js |
15 | | - |
16 | | -###Launching |
17 | | -####Launching via CLI |
18 | | -You can call the script without arguments and follow the on-screen instructions. |
| 13 | +#### Launching via command line |
| 14 | +The easiest way to try out ssl-yeah is to launch it from the command line. |
19 | 15 | ```js |
20 | | -node ssl-yeah.js |
| 16 | +node ssl-yeah myhost.com |
21 | 17 | ``` |
22 | 18 |
|
23 | | -####Launching with an argument |
24 | | -You can also pass a domain as argument when launching the program. |
| 19 | +#### Import ssl-yeah in your application |
| 20 | +For more flexibility, you may also import ssl-yeah into your application. |
25 | 21 | ```js |
26 | | -node ssl-yeah.js mydomain.com |
| 22 | +var SSLYeah = require('ssl-yeah'); |
| 23 | +var crawler = new SSLYeah(); |
| 24 | +crawler.on('crawlDone', function(){...}); |
| 25 | +crawler.startCrawl('myhost.com'); |
27 | 26 | ``` |
28 | 27 |
|
29 | | -###Output |
30 | | -By default, a detailed test report and an HTTPS Everywhere ruleset will be output to /output |
| 28 | +### Output |
| 29 | +By default, all files are written to `./output`. In CLI mode, detailed test report and an HTTPS Everywhere ruleset will be output by default. In library mode, no files are created by default. |
31 | 30 |
|
32 | 31 | Make sure to test the ruleset thoroughly before publishing it. It is also a good idea to cross-reference the ruleset with the detailed report in order to manually fine-tune the rules. |
33 | 32 |
|
34 | 33 |
|
35 | | -##Limitations |
| 34 | +## Limitations |
36 | 35 |
|
37 | 36 | - The input is not thoroughly checked for malformed or invalid urls |
38 | 37 | - No detection of servers that serve completely different pages for http and https |
39 | 38 | - No verification of secure cookies yet |
40 | 39 | - No verification of XMLHttpRequests yet |
41 | 40 |
|
42 | | -##Dependencies |
| 41 | +## Dependencies |
43 | 42 |
|
44 | | -The following dependencies are used in SSL-Yeah: |
45 | | -- Cheerio (https://github.com/cheeriojs/cheerio) |
46 | | -- Moment (https://github.com/moment/moment) |
| 43 | +The following dependencies are included in SSL-Yeah: |
47 | 44 | - A modified version of Robots-Parser (https://github.com/samclarke/robots-parser) |
0 commit comments