Implements shobrook#3, refactor shobrook#6

Not using man interface for this, although probably should
Malex · Oct 1, 2018 · bd84380 · bd84380
1 parent 635c0ce
commit bd84380
Showing 1 changed file with 241 additions and 4 deletions.
diff --git a/statcode/header_descriptions.yml b/statcode/header_descriptions.yml
@@ -44,10 +44,12 @@ Authorization:
  description: "Authentication credentials for HTTP authentication."
 
 Cache-Control:
- message: "Cache-Control: no-cache"
- category: "Client Request"
- description: "Used to specify directives that must be obeyed by all caching mechanisms \
- along the request-response chain."
+ message: "Client= Cache-Control: no-cache
+ Server= Cache-Control: max-age=3600"
+ category: "Client Request, Server Response"
+ description: "For client: Used to specify directives that must be obeyed by all caching mechanisms \
+ along the request-response chain.
+ For Server: Tells all caching mechanisms from server to client whether they may cache this object. It is measured in seconds"
 
 Connection:
  message: "Connection: keep-alive
@@ -191,3 +193,238 @@ Warning:
  category: "Client Request, Server Response"
  description: "A general warning about possible problems with the entity body."
 
+Access-Control-Allow-Origin:
+ message: "Access-Control-Allow-Origin: *"
+ category: "Server Response"
+ description: "Specifying which web sites can participate in cross-origin resource sharing"
+
+Access-Control-Allow-Credentials:
+ message: "Access-Control-Allow-Origin: *"
+ category: "Server Response"
+ description: "Specifying which web sites can participate in cross-origin resource sharing"
+
+Access-Control-Expose-Headers:
+ message: "Access-Control-Allow-Origin: *"
+ category: "Server Response"
+ description: "Specifying which web sites can participate in cross-origin resource sharing"
+
+Access-Control-Max-Age:
+ message: "Access-Control-Allow-Origin: *"
+ category: "Server Response"
+ description: "Specifying which web sites can participate in cross-origin resource sharing"
+
+Access-Control-Allow-Methods:
+ message: "Access-Control-Allow-Origin: *"
+ category: "Server Response"
+ description: "Specifying which web sites can participate in cross-origin resource sharing"
+
+Access-Control-Allow-Headers:
+ message: "Access-Control-Allow-Origin: *"
+ category: "Server Response"
+ description: "Specifying which web sites can participate in cross-origin resource sharing"
+
+Accept-Patch:
+ message: "Accept-Patch: text/example;charset=utf-8"
+ category: "Server Response"
+ description: "Specifies which patch document formats this server supports."
+
+Accept-Ranges:
+ message: "Accept-Ranges: bytes"
+ category: "Server Response"
+ description: "What partial content range types this server supports via byte serving."
+
+Age:
+ message: "Age: 12"
+ category: "Server Response"
+ description: "The age the object has been in a proxy cache in seconds."
+
+Allow:
+ message: "Allow: GET, HEAD"
+ category: "Server Response"
+ description: "Valid methods for a specified resource. To be used for a 405 Method not allowed."
+
+Alt-Svc:
+ message: "Alt-Svc: http/1.1=\"http2.example.com:8001\"; ma=7200"
+ category: "Server Response"
+ description: "A server uses \"Alt-Svc\" header (meaning Alternative Services) to indicate that its resources can also \
+ be accessed at a different network location (host or port) or using a different protocol.
+ When using HTTP/2, servers should instead send an ALTSVC frame."
+
+Content-Disposition:
+ message: "Content-Disposition: attachment; filename=\"fname.ext\""
+ category: "Server Response"
+ description: "An opportunity to raise a \"File Download\" dialogue box for a known MIME type with binary format \
+ or suggest a filename for dynamic content. Quotes are necessary with special characters."
+
+Content-Language:
+ message: "Content-Language: it"
+ category: "Server Response"
+ description: "The natural language or languages of the intended audience for the enclosed content"
+
+Content-Location:
+ message: "Content-Location: /index.htm"
+ category: "Server Response"
+ description: "An alternate location for the returned data."
+
+Content-Range:
+ message: "Content-Range: bytes 21010-47021/47022"
+ category: "Server Response"
+ description: "Where in a full body message this partial message belongs."
+
+Delta-Base:
+ message: "Delta-Base: \"abc\""
+ category: "Server Response"
+ description: "Specifies the delta-encoding entity tag of the response."
+
+ETag:
+ message: "ETag: \"737060cd8c284d8af7ad3082f209582d\""
+ category: "Server Response"
+ description: "An identifier for a specific version of a resource, often a message digest."
+
+Expires:
+ message: "Expires: Thu, 01 Dec 1994 16:00:00 GMT"
+ category: "Server Response"
+ description: "Gives the date/time after which the response is considered stale (in \"HTTP-date\" format as defined by RFC 7231)."
+
+IM:
+ message: "IM: feed"
+ category: "Server Response"
+ description: "Instance-manipulations applied to the response."
+
+Last-Modified:
+ message: "Last-Modified: Tue, 15 Nov 1994 12:45:26 GMT"
+ category: "Server Response"
+ description: "The last modified date for the requested object (in \"HTTP-date\" format as defined by RFC 7231)."
+
+Link:
+ message: "Link: </feed>; rel=\"alternate\""
+ category: "Server Response"
+ description: "Used to express a typed relationship with another resource, where the relation type is defined by RFC 5988."
+
+Location:
+ message: "Location: /pub/WWW/People.html"
+ category: "Server Response"
+ description: "Used in redirection, or when a new resource has been created. Can be absolute or relative path \
+ (if absolute, http:// protocol must be specified)."
+
+P3P:
+ message: "P3P: CP=\"This is not a P3P policy! See https://en.wikipedia.org/wiki/Special:CentralAutoLogin/P3P for more info.\""
+ category: "Server Response"
+ description: "This field is supposed to set P3P policy, in the form of P3P:CP=\"your_compact_policy\".
+ However, P3P did not take off,[45] most browsers have never fully implemented it, a lot of websites set this field \
+ with fake policy text, that was enough to fool browsers the existence of P3P policy and grant permissions for third party cookies."
+
+Proxy-Authenticate:
+ message: "Proxy-Authenticate: Basic"
+ category: "Server Response"
+ description: "Request authentication to access the proxy."
+
+Public-Key-Pins:
+ message: "Public-Key-Pins: max-age=2592000; pin-sha256=\"E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g=\";"
+ category: "Server Response"
+ description: "HTTP Public Key Pinning, announces hash of website's authentic TLS certificate."
+
+Retry-After:
+ message: "Retry-After: 120; Retry-After: Fri, 07 Nov 2014 23:59:59 GMT"
+ category: "Server Response"
+ description: "If an entity is temporarily unavailable, this instructs the client to try again later. Value could be a specified period of time (in seconds) or a HTTP-date."
+
+Server:
+ message: "Server: Apache/2.4.1 (Unix)"
+ category: "Server Response"
+ description: "A name for the server.
+ \  Usually provides information about the OS and HTTP Server implementation used, mirroring User Agent"
+
+Set-Cookie:
+ message: "Set-Cookie: UserID=JohnDoe; Max-Age=3600; Version=1"
+ category: "Server Response"
+ description: "Sets an HTTP Cookie on the client."
+
+Strict-Transport-Security:
+ message: "Strict-Transport-Security: max-age=16070400; includeSubDomains"
+ category: "Server Response"
+ description: "A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains."
+
+Trailer:
+ message: "Trailer: Max-Forwards"
+ category: "Server Response"
+ description: "The Trailer general field value indicates that the given set of header fields is present in the trailer of a message encoded with chunked transfer coding."
+
+Transfer-Encoding:
+ message: "Transfer-Encoding: chunked"
+ category: "Server Response"
+ description: "The form of encoding used to safely transfer the entity to the user. Currently defined methods are:\
+ chunked, compress, deflate, gzip, identity.
+ Must not be used with HTTP/2."
+
+Tk:
+ message: "Tk: ?"
+ category: "Server Response"
+ description: "Tracking Status header, value suggested to be sent in response to a DNT(do-not-track), possible values:
+ \"!\" — under construction
+ \"?\" — dynamic
+ \"G\" — gateway to multiple parties
+ \"N\" — not tracking
+ \"T\" — tracking
+ \"C\" — tracking with consent
+ \"P\" — tracking only if consented
+ \"D\" — disregarding DNT
+ \"U\" — updated."
+
+Vary:
+ message: "Vary: * ; Vary: Accept-Language"
+ category: "Server Response"
+ description: "Tells downstream proxies how to match future request headers to decide whether the cached response can be used rather than requesting a fresh one from the origin server."
+
+WWW-Authenticate:
+ message: "WWW-Authenticate: Basic"
+ category: "Server Response"
+ description: "Indicates the authentication scheme that should be used to access the requested entity."
+
+X-Frame-Options:
+ message: "X-Frame-Options: deny"
+ category: "Server Response"
+ description: "Clickjacking protection: deny - no rendering within a frame, sameorigin - no rendering if origin mismatch, allow-from - allow from specified location, allowall - non-standard, allow from any location."
+
+Refresh:
+ message: "Refresh: 5; url=http://www.example.com/pub/statcode/fun_times.html"
+ category: "Server Response"
+ description: "Used in redirection, or when a new resource has been created. This refresh redirects after 5 seconds. Header extension introduced by Netscape and supported by most web browsers. NOT STANDARD."
+
+Status:
+ message: "Status: 200 OK"
+ category: "Server Response"
+ description: "CGI header field specifying the status of the HTTP response. Normal HTTP responses use a separate \"Status-Line\" instead, defined by RFC 7230. NOT STANDARD."
+
+X-XSS-Protection:
+ message: "X-XSS-Protection: 1; mode=block"
+ category: "Server Response"
+ description: "Cross-site scripting (XSS) filter. NOT STANDARD."
+
+X-UA-Compatible:
+ message: "X-UA-Compatible: IE=EmulateIE7 ; X-UA-Compatible: IE=edge ; X-UA-Compatible: Chrome=1"
+ category: "Server Response"
+ description: "Recommends the preferred rendering engine (often a backward-compatibility mode) to use to display the content. Also used to activate Chrome Frame in Internet Explorer. NOT STANDARD."
+
+X-Powered-By:
+ message: "X-Powered-By: PHP/5.4.0"
+ category: "Server Response"
+ description: "Specifies the technology (e.g. ASP.NET, PHP, JBoss) supporting the web application (version details are often in X-Runtime, X-Version, or X-AspNet-Version). NOT STANDARD."
+
+X-Content-Type-Options:
+ message: "X-Content-Type-Options: nosniff"
+ category: "Server Response"
+ description: "The only defined value, \"nosniff\", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type. This also applies to Google Chrome, when downloading extensions. NOT STANDARD."
+
+X-Requested-With:
+ message: "X-Requested-With: XMLHttpRequest"
+ category: "Client Request"
+ description: "Mainly used to identify Ajax requests. Most JavaScript frameworks send this field with value of XMLHttpRequest. NOT STANDARD."
+
+DNT:
+ message: "DNT: 1 (Do Not Track Enabled) ; DNT: 0 (Do Not Track Disabled)"
+ category: "Client Request"
+ description: "Requests a web application to disable their tracking of a user.
+ This is Mozilla's version of the X-Do-Not-Track header field (since Firefox 4.0 Beta 11). \
+ Safari and IE9 also have support for this field.
+ On March 7, 2011, a draft proposal was submitted to IETF. The W3C Tracking Protection Working Group is producing a specification."