sven/tls-checker

Find and replace all insecure links in a directory with HTTPS

dev-master 2018-10-01 22:05 UTC

This package is auto-updated.

Last update: 2021-03-29 00:24:11 UTC


README

tls-checker

Latest Version on Packagist Total Downloads Software License Build Status StyleCI

Find all insecure URLs in all files in a directory, and replace them with https:// if supported.

:hero

Index

Installation

You'll have to follow a simple step to install this package.

Downloading

Via composer:

$ composer global require sven/tls-checker

You should now be able to run the tls-checker command from anywhere on your system.

Usage

Using the package is outlined below.

Search

You can use the search command to search for all insecure URLs in the src/ directory:

$ tls-checker search src/

This will output a table like the one below:

+-----------------+---------------------+--------------+
| Domain Name     | Insecure References | Supports TLS |
+-----------------+---------------------+--------------+
| google.com      | 17                  | ✔            |
| httpforever.com | 39                  | ✔            |
| zombo.com       | 4                   | ✘            |
+-----------------+---------------------+--------------+

You may optionally specify the --quiet option to easily integrate this tool into some automation. This will make tls-checker exit with exit code 0 if no (fixable) insecure URLs could be found, and exit with code 1 if one or more violations were found.

$ tls-checker search src/ --quiet

Fix

You may not just want to search for references, but also fix them immediately. To do so, use the fix command:

$ tls-checker fix src/
    Fixing 56 insecure URLs...
    Successfully fixed 56 insecure URLs

Options

There are several options that work for both the search and the fix commands:

--exclude

The --exclude option is an array of domains / PCRE patterns that should be ignored when searching or replacing insecure URLs. Default: localhost, (.+)\.test, (.+)\.localhost, (.+)\.invalid, and (.+)\.example (per RFC 2606).

$ tls-checker search src/ --exclude=localhost --exclude=httpforever.com

--timeout

This option determines the timeout to use when checking if a domain supports HTTPS in milliseconds. Default: 2000 (2 seconds).

# Wait for a response from HTTPS for 10 seconds before moving on.
$ tls-checker fix src/ --timeout=10000

Contributing

All contributions (pull requests, issues and feature requests) are welcome. Make sure to read through the CONTRIBUTING.md first, though. See the contributors page for all contributors.

License

sven/tls-checker is licensed under the MIT License (MIT). Please see the license file for more information.