mirror of
https://github.com/inspec/inspec
synced 2024-12-03 18:09:32 +00:00
0f96c88d88
Signed-off-by: Nathan L Smith <smith@chef.io>
104 lines
3 KiB
Text
104 lines
3 KiB
Text
---
|
|
title: About the http Resource
|
|
---
|
|
|
|
# http
|
|
|
|
Use the `http` InSpec audit resource to test an http endpoint.
|
|
|
|
<p class="warning">Currently, this resource always executes on the host on which <code>inspec exec</code> is run, even if you use the <code>--target</code> option to remotely scan a different host.<br>
|
|
<br>
|
|
This will be corrected in a future version of InSpec. New InSpec releases are posted in the <a href="https://discourse.chef.io/c/chef-release" target="_blank">Release Announcements Category in Discourse</a>.</p>
|
|
|
|
## Syntax
|
|
|
|
An `http` resource block declares the configuration settings to be tested:
|
|
|
|
describe http('url', auth: {user: 'user', pass: 'test'}, params: {params}, method: 'method', headers: {headers}, data: data, open_timeout: 60, read_timeout: 60, ssl_verify: true) do
|
|
its('status') { should eq number }
|
|
its('body') { should eq 'body' }
|
|
its('headers.name') { should eq 'header' }
|
|
end
|
|
|
|
where
|
|
|
|
* `('url')` is the url to test
|
|
* `auth: { user: 'user', pass: 'test' }` may be specified for basic auth request
|
|
* `{params}` may be specified for http request parameters
|
|
* `'method'` may be specified for http request method (default to 'GET')
|
|
* `{headers}` may be specified for http request headers
|
|
* `data` may be specified for http request body
|
|
* `open_timeout` may be specified for a timeout for opening connections (default to 60)
|
|
* `read_timeout` may be specified for a timeout for reading connections (default to 60)
|
|
* `ssl_verify` may be specified to enable or disable verification of SSL certificates (default to `true`)
|
|
|
|
## Matchers
|
|
|
|
This InSpec audit resource has the following matchers:
|
|
|
|
### be
|
|
|
|
<%= partial "/shared/matcher_be" %>
|
|
|
|
### body
|
|
|
|
The `body` matcher tests body content of http response:
|
|
|
|
its('body') { should eq 'hello\n' }
|
|
|
|
### cmp
|
|
|
|
<%= partial "/shared/matcher_cmp" %>
|
|
|
|
### eq
|
|
|
|
<%= partial "/shared/matcher_eq" %>
|
|
|
|
### headers
|
|
|
|
The `headers` matcher returns an hash of all http headers:
|
|
|
|
its('headers') { should eq {} }
|
|
|
|
Individual headers can be tested via:
|
|
|
|
its('headers.Content-Type') { should cmp 'text/html' }
|
|
|
|
### include
|
|
|
|
<%= partial "/shared/matcher_include" %>
|
|
|
|
### match
|
|
|
|
<%= partial "/shared/matcher_match" %>
|
|
|
|
### status
|
|
|
|
The `status` matcher tests status of the http response:
|
|
|
|
its('status') { should eq 200 }
|
|
|
|
## Examples
|
|
|
|
The following examples show how to use this InSpec audit resource.
|
|
|
|
### Simple http test
|
|
|
|
For example, a service is listening on default http port can be tested like this:
|
|
|
|
describe http('http://localhost') do
|
|
its('status') { should cmp 200 }
|
|
end
|
|
|
|
### Complex http test
|
|
|
|
describe http('http://localhost:8080/ping',
|
|
auth: {user: 'user', pass: 'test'},
|
|
params: {format: 'html'},
|
|
method: 'POST',
|
|
headers: {'Content-Type' => 'application/json'},
|
|
data: '{"data":{"a":"1","b":"five"}}') do
|
|
its('status') { should cmp 200 }
|
|
its('body') { should cmp 'pong' }
|
|
its('headers.Content-Type') { should cmp 'text/html' }
|
|
end
|