lib/site-inspector/domain.rb in site-inspector-2.0.0 vs lib/site-inspector/domain.rb in site-inspector-3.0.0

- old
+ new

@@ -30,16 +30,24 @@
 def government?
 require 'gman'
 Gman.valid? host
 end
- # Does *any* endpoint return a 200 response code?
+ # Does *any* endpoint return a 200 or 300 response code?
 def up?
 endpoints.any? { |e| e.up? }
 end
- # Does any www endpoint return a 200 response code?
+ # Does *any* endpoint respond to HTTP?
+ # TODO: needs to allow an invalid chain.
+ def responds?
+ endpoints.any? { |e| e.responds? }
+ end
+
+
+ # TODO: These weren't present before, and may not be useful.
+ # Can you connect to www?
 def www?
 endpoints.any? { |e| e.www? && e.up? }
 end
 # Can you connect without www?
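Review bot: The new comment on `www?`, `# Can you connect to www?`, does not match the code beneath it, which still requires `e.www? && e.up?`; going by the reworded comment on `up?`, that means a 200 or 300 response rather than a successful connection. Since this hunk also adds `responds?` for the connect-level question, the comment should say which of the two `www?` answers, for example `# Does any www endpoint return a 200 or 300 response code?`. The TODO on `responds?` would also be more useful if it stated the current behaviour, presumably that an endpoint with an untrusted certificate chain counts as not responding, so that consumers of the `responds` field do not read a TLS validation failure as an unreachable host.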
@@ -49,44 +57,53 @@
 # HTTPS is "supported" (different than "canonical" or "enforced") if:
 #
 # * Either of the HTTPS endpoints is listening, and doesn't have
 # an invalid hostname.
+ #
+ # TODO: needs to allow an invalid chain.
 def https?
 endpoints.any? { |e| e.https? && e.up? && e.https.valid? }
 end
- # HTTPS is enforced if one of the HTTPS endpoints is "live",
+ # HTTPS is enforced if one of the HTTPS endpoints is "up",
 # and if both *HTTP* endpoints are either:
 #
 # * down, or
 # * redirect immediately to HTTPS.
 #
 # This is different than whether a domain is "canonically" HTTPS.
 #
 # * an HTTP redirect can go to HTTPS on another domain, as long
 # as it's immediate.
 # * a domain with an invalid cert can still be enforcing HTTPS.
+ #
+ # TODO: need to ensure the redirect *immediately* goes to HTTPS.
+ # TODO: don't need to require that the HTTPS cert is valid for this purpose.
 def enforces_https?
 return false unless https?
- endpoints.select { |e| e.http? }.all? { |e| e.down? || (e.redirect && e.redirect.https?) }
+ endpoints.select { |e| e.http? }.all? { |e| !e.up? || (e.redirect && e.redirect.https?) }
 end
 # we can say that a canonical HTTPS site "defaults" to HTTPS,
 # even if it doesn't *strictly* enforce it (e.g. having a www
 # subdomain first to go HTTP root before HTTPS root).
+ #
+ # TODO: not implemented.
 def defaults_https?
 raise "Not implemented. Halp?"
 end
 # HTTPS is "downgraded" if both:
 #
 # * HTTPS is supported, and
 # * The 'canonical' endpoint gets an immediate internal redirect to HTTP.
+ #
+ # TODO: the redirect must be internal.
 def downgrades_https?
 return false unless https?
- canonical_endpoint.redirect && canonical_endpoint.redirect.http?
+ canonical_endpoint.redirect? && canonical_endpoint.redirect.http?
 end
 # A domain is "canonically" at www if:
 # * at least one of its www endpoints responds
 # * both root endpoints are either down ~~or redirect *somewhere*~~, or
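Review bot: Swapping `e.down?` for `!e.up?` in `enforces_https?` changes which HTTP endpoints pass the check: if `up?` means a 200 or 300 response, as the reworded comment in the first hunk says, then an endpoint that answers over plaintext HTTP with an error status now counts the same as an unreachable one, and the domain can be reported as enforcing HTTPS while it still serves responses over HTTP. Neither `down?` nor the endpoint-level `up?` is defined in this diff, so confirm that this is intended. If only unreachable endpoints should pass, the endpoint predicate this release introduces fits better, `.all? { |e| !e.responds? || (e.redirect && e.redirect.https?) }`; otherwise the doc comment's `# * down, or` should become something like `# * not up (no 200 or 300 response), or`. The same substitution is made in the @@ -106 and @@ -137 hunks, including `redirect?`, where the comments also still say "down".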
@@ -106,11 +123,11 @@
 # Does at least one www endpoint respond?
 return false unless www?
 # Are both root endpoints down?
- return true if endpoints.select { |e| e.root? }.all? { |e| e.down? }
+ return true if endpoints.select { |e| e.root? }.all? { |e| !e.up? }
 # Does either root endpoint redirect to a www endpoint?
 endpoints.select { |e| e.root? }.any? { |e| e.redirect && e.redirect.www? }
 end
@@ -137,22 +154,22 @@
 # At least one of its https endpoints is live and doesn't have an invalid hostname
 return false unless https?
 # Both http endpoints are down
- return true if endpoints.select { |e| e.http? }.all? { |e| e.down? }
+ return true if endpoints.select { |e| e.http? }.all? { |e| !e.up? }
 # at least one http endpoint redirects immediately to https
 endpoints.select { |e| e.http? }.any? { |e| e.redirect && e.redirect.https? }
 end
 # A domain redirects if
 # 1. At least one endpoint is an external redirect, and
 # 2. All endpoints are either down or an external redirect
 def redirect?
 return false unless redirect
- endpoints.all? { |e| e.down? || e.external_redirect? }
+ endpoints.all? { |e| !e.up? || e.external_redirect? }
 end
 # The first endpoint to respond with a redirect
 def redirect
 endpoints.find { |e| e.external_redirect? }
@@ -203,14 +220,15 @@
 # :all - return information about all endpoints
 #
 # Returns a complete hash of the domain's information
 def to_h(options={})
 prefetch
-
+
 hash = {
 host: host,
 up: up?,
+ responds: responds?,
 www: www?,
 root: root?,
 https: https?,
 enforces_https: enforces_https?,
 downgrades_https: downgrades_https?,
@@ -218,10 +236,10 @@
 canonically_https: canonically_https?,
 redirect: redirect?,
 hsts: hsts?,
 hsts_subdomains: hsts_subdomains?,
 hsts_preload_ready: hsts_preload_ready?,
- canoncial_endpoint: canonical_endpoint.to_h(options)
+ canonical_endpoint: canonical_endpoint.to_h(options)
 }
 if options["all"]
 hash.merge!({
 endpoints: {