UNPKG

@mdworld/ingress-headers

Version:

A TypeScript utility for extracting and managing Content Security Policy (CSP) headers from Kubernetes ingress YAML files

github.com/mdvanes/ingress-headers

mdvanes/ingress-headers

51 lines (50 loc) 1.81 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#!/usr/bin/env node import fs from "fs"; import path from "path"; /** * Reads a YAML file and extracts the Content Security Policy, returning it as a structured JSON object * @param yamlFilePath - Path to the YAML file containing the CSP * @returns CSP directives organized by type */ export function readCSP(yamlFilePath) { const yamlPath = path.resolve(yamlFilePath); if (!fs.existsSync(yamlPath)) { throw new Error(`File not found: ${yamlPath}`); } const yamlContent = fs.readFileSync(yamlPath, "utf8"); // Extract the Content-Security-Policy line const cspMatch = yamlContent.match(/add_header Content-Security-Policy "(.*?)";/s); if (!cspMatch) { throw new Error("Content-Security-Policy header not found."); } const csp = cspMatch[1]; // Split directives const directives = csp .split(";") .map((d) => d.trim()) .filter(Boolean); const cspJson = directives.reduce((acc, directive) => { const [name, ...values] = directive.split(" "); acc[name] = values.map((value) => value.trim()).sort(); return acc; }, {}); return cspJson; } // CLI functionality when run directly // CLI usage when run directly if (import.meta.url === `file://${process.argv[1]}`) { const yamlFilePath = process.argv[2]; if (!yamlFilePath) { console.error("Error: Please provide a YAML file path as an argument."); console.error("Usage: npx ts-node src/read_headers.ts example/ingress.yaml"); process.exit(1); } try { const cspJson = readCSP(yamlFilePath); console.log(JSON.stringify(cspJson, null, 2)); } catch (error) { console.error(`Error: ${error instanceof Error ? error.message : String(error)}`); process.exit(1); } }