Merge pull request #309 from edoardottt/devel

v0.4.0
edoardottt · Sep 27, 2024 · ebef3b3 · ebef3b3
2 parents 1dfabcb + 0108d12
commit ebef3b3
Show file tree

Hide file tree

Showing 6 changed files with 16 additions and 15 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -5,26 +5,26 @@ linters:
   enable:
     - asciicheck
     - bodyclose
+    - copyloopvar
     - dogsled
     - dupl
+    - err113
     - errcheck
     - exhaustive
-    - exportloopref
     - gochecknoglobals
     - gochecknoinits
     - goconst
     - gocritic
     - godot
     - godox
-    - goerr113
     - goheader
-    - gomnd
     - gomodguard
     - goprintffuncname
     - gosimple
     - govet
     - ineffassign
     - misspell
+    - mnd
     - nakedret
     - nolintlint
     - prealloc
@@ -45,13 +45,6 @@ linters-settings:
     strict-append: false
     enforce-err-cuddling: true
 
-  gomnd:
-    # Values always ignored: "1", "1.0", "0" and "0.0"
-    # Default: []
-    ignored-numbers:
-      - '2'
-      - '0644'
-
 issues:
   exclude-rules:
     - path: pkg/output/banner.go

diff --git a/pkg/csprecon/csp.go b/pkg/csprecon/csp.go
@@ -52,6 +52,9 @@ func CheckCSP(url, ua string, rCSP *regexp.Regexp, client *http.Client) ([]strin
 	headerCSP := ParseCSP(resp.Header.Get("Content-Security-Policy"), rCSP)
 	result = append(result, headerCSP...)
 
+	headerCSP = ParseCSP(resp.Header.Get("Content-Security-Policy-Report-Only"), rCSP)
+	result = append(result, headerCSP...)
+
 	bodyCSP := ParseBodyCSP(resp.Body, rCSP)
 	result = append(result, bodyCSP...)
 

diff --git a/pkg/csprecon/csprecon.go b/pkg/csprecon/csprecon.go
@@ -20,6 +20,10 @@ import (
 	fileutil "github.com/projectdiscovery/utils/file"
 )
 
+const (
+	DefaultFilePermission = 0644
+)
+
 type Runner struct {
 	Input      chan string
 	Output     chan string
@@ -219,7 +223,7 @@ func writeOutput(wg *sync.WaitGroup, m *sync.Mutex, options *input.Options, o st
 	defer wg.Done()
 
 	if options.FileOutput != "" && options.Output == nil {
-		file, err := os.OpenFile(options.FileOutput, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0644)
+		file, err := os.OpenFile(options.FileOutput, os.O_CREATE|os.O_RDWR|os.O_APPEND, DefaultFilePermission)
 		if err != nil {
 			gologger.Fatal().Msg(err.Error())
 		}
@@ -244,7 +248,7 @@ func writeJSONOutput(wg *sync.WaitGroup, m *sync.Mutex, options *input.Options,
 	defer wg.Done()
 
 	if options.FileOutput != "" && options.Output == nil {
-		file, err := os.OpenFile(options.FileOutput, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0644)
+		file, err := os.OpenFile(options.FileOutput, os.O_CREATE|os.O_RDWR|os.O_APPEND, DefaultFilePermission)
 		if err != nil {
 			gologger.Fatal().Msg(err.Error())
 		}

diff --git a/pkg/input/flags.go b/pkg/input/flags.go
@@ -21,6 +21,7 @@ const (
 	DefaultTimeout     = 10
 	DefaultConcurrency = 50
 	DefaultRateLimit   = 0
+	DefaultNoFlags     = 2
 )
 
 type Options struct {
@@ -114,5 +115,5 @@ func help() bool {
 
 func noArgs() bool {
 	// User passed no flag.
-	return len(os.Args) < 2
+	return len(os.Args) < DefaultNoFlags
 }
diff --git a/pkg/output/banner.go b/pkg/output/banner.go
@@ -12,7 +12,7 @@ import "github.com/projectdiscovery/gologger"
 var printed = false
 
 const (
-	Version = "v0.3.1"
+	Version = "v0.4.0"
 	banner  = `    ______________  ________  _________  ____ 
    / ___/ ___/ __ \/ ___/ _ \/ ___/ __ \/ __ \
   / /__(__  ) /_/ / /  /  __/ /__/ /_/ / / / /

diff --git a/snapcraft.yaml b/snapcraft.yaml
@@ -3,7 +3,7 @@ summary: Discover new target domains using Content Security Policy
 description: |
       Take as input target URLs and probe them to retrieve their CSP (either from Head or Header) 
       and get new target domains.
-version: 0.3.1
+version: 0.4.0
 grade: stable
 base: core20