add support to observer urls with path

Question

add support to observer urls with path

532910 opened this issue 4 years ago · 4 comments

Trying to test https://riot.im/app/ it cut's off the app/, takes riot.im that redirects to about.riot.im and scans it. So there is no way to check https://riot.im/app/.

Answer 1 · 2020-05-27T16:35:16.000Z

The public observatory can only test the root website for any given domain, to protect against various security and misuse concerns. You can use the local scanner or run your own private instance of the Observatory (see the README at mozilla/http-observatory) to scan non-root sites such as what you linked.

Answer 2 · 2020-05-27T16:40:48.000Z

Could you explain what security and misuse concerns can be exploited via non-root url?

Answer 3 · 2020-05-27T17:14:17.000Z

The same concerns with custom SSH ports in #119 apply to custom paths in this issue. This reply in particular may help with understanding why non-default paths (and ports) aren't offered as a public service: #119 (comment)

Answer 4 · 2021-09-22T19:57:13.000Z

I just build a docker image to simplify httpobs-local-scan commande line usage.

docker run --rm famaridon/http-observatory:latest example.com --format report

https://github.com/famaridon/http-observatory