Registry¶
Package Registry provides a thread-safe, centralized registry system for managing security test implementations. It acts as a repository for all available ResponseTest instances, enabling dynamic test retrieval and execution throughout the application.
The registry automatically initializes with default tests during package initialization and enforces uniqueness of test IDs to prevent conflicts. All tests are indexed by their string identifiers for fast O(1) lookup operations.
Error codes:
- 100: Duplicate test ID detected during registration
Index¶
- Variables
- func GetTest(testId string) (*Tests.ResponseTest, bool)
- func init()
- func registerTest(t *Tests.ResponseTest)
Variables¶
tests is the internal central storage for all registered response tests, indexed by their unique string ID. This map provides O(1) lookup performance for test retrieval operations.
The map is populated during package initialization via the init() function and should not be modified directly outside of the registerTest function.
func GetTest¶
GetTest retrieves a specific ResponseTest from the registry by its unique identifier. This is the primary method for accessing registered tests and provides thread-safe read access to the registry.
The function performs an O(1) map lookup and returns both the test instance and a boolean indicating whether the test was found. This pattern allows callers to distinguish between a missing test and other error conditions.
Parameters:
- testId: The unique string identifier of the test to retrieve (e.g., "https-protocol-check", "hsts-check")
Returns:
- *Tests.ResponseTest: Pointer to the test instance if found, nil otherwise
- bool: true if the test exists in the registry, false if not found
Example:
test, exists := Registry.GetTest("https-protocol-check")
if !exists {
log.Printf("Test not found: https-protocol-check")
return
}
result := test.Run(params)
func init¶
init automatically registers default security tests when the Registry package is initialized. This function runs once before main() and ensures all standard tests are available for immediate use throughout the application lifecycle.
Currently registered tests:
- HTTPSTest: Verifies HTTPS protocol usage
- HSTSTest: Checks HTTP Strict Transport Security headers
- ServerHeaderTest: Analyzes server header information
- CSPTest: Analyzes Content Security Policy configuration for XSS and injection protection
- CookieSecurityTest: Analyzes cookie security attributes and session management
- JSObfuscationTest: Detects obfuscated JavaScript code indicating potential security threats
- XFrameTest: Analyzes X-Frame-Options and CSP frame-ancestors for clickjacking protection
- ReferrerPolicyTest: Analyzes Referrer-Policy header for privacy and information leakage protection
- PermissionsPolicyTest: Analyzes Permissions-Policy header for browser feature access control
- XContentTypeOptionsTest: Analyzes X-Content-Type-Options header for MIME sniffing protection
- CrossOriginTest: Analyzes Cross-Origin security headers (COEP, CORP, COOP) for cross-origin attack protection
Additional tests can be registered by adding registerTest calls in this function.
func registerTest¶
registerTest adds a new test instance to the internal registry with strict ID uniqueness enforcement. This function is intended for internal use during package initialization via the init() function.
The function performs validation to ensure no duplicate test IDs are registered, which could cause conflicts in test execution. If a duplicate is detected, it triggers a panic with detailed error information.
Parameters:
- t: Pointer to the ResponseTest instance to register
Panics:
- error.Error with code 100: If a test with the same ID already exists in the registry
Example:
Generated by gomarkdoc