-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathhttps-wrench.schema.json
More file actions
236 lines (236 loc) · 8.15 KB
/
Copy pathhttps-wrench.schema.json
File metadata and controls
236 lines (236 loc) · 8.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
{
"$schema": "http://json-schema.org/draft-06/schema#",
"$ref": "#/definitions/HttpsWrenchConfiguration",
"definitions": {
"HttpsWrenchConfiguration": {
"type": "object",
"additionalProperties": false,
"description": "Top-level configuration for https-wrench requests.",
"properties": {
"debug": {
"type": "boolean",
"description": "Enables global debug mode to print additional diagnostic information."
},
"verbose": {
"type": "boolean",
"description": "Enables verbose output, showing more details during execution."
},
"caBundle": {
"type": "string",
"description": "PEM-encoded CA certificate bundle used to verify server certificates. When omitted, the system trust store is used."
},
"baseRequest": {
"$ref": "#/definitions/RequestDefaults",
"description": "YAML-only shared request template. Define an anchor (e.g. baseRequest: &base) and merge into requests with <<: *base. Ignored by https-wrench at runtime."
},
"requests": {
"type": "array",
"description": "List of HTTPS requests to execute.",
"items": {
"$ref": "#/definitions/Request"
}
}
},
"required": [
"requests",
"verbose"
],
"title": "HttpsWrenchConfiguration"
},
"RequestDefaults": {
"type": "object",
"additionalProperties": false,
"description": "Shared request fields with no required keys. Used by baseRequest anchors and merged into requests[] entries.",
"properties": {
"name": {
"type": "string",
"description": "Descriptive name for this request, used in output. Required on each requests[] entry."
},
"transportOverrideUrl": {
"type": "string",
"format": "uri",
"qt-uri-protocols": [
"https"
],
"pattern": "^https://",
"description": "TLS/TCP dial address (https://host or https://ip:port). The logical hostname remains hosts[].name for Host header and SNI."
},
"clientTimeout": {
"type": "integer",
"minimum": 0,
"description": "HTTP client timeout in seconds."
},
"requestDebug": {
"type": "boolean",
"description": "If true, dumps the raw outgoing HTTP request for debugging."
},
"responseDebug": {
"type": "boolean",
"description": "If true, dumps the raw HTTP response, including TLS connection details, for debugging."
},
"responseBodyMatchRegexp": {
"type": "string",
"description": "Regular expression that the response body must match."
},
"printResponseBody": {
"type": "boolean",
"description": "If true, prints the HTTP response body."
},
"printResponseHeaders": {
"type": "boolean",
"description": "If true, prints HTTP response headers."
},
"printResponseCertificates": {
"type": "boolean",
"description": "If true, prints TLS certificates from the peer chain."
},
"responseCertificatesFilter": {
"type": "array",
"description": "Filter to display only specific certificates from the peer chain and/or only subset of fields for each certificate. Each item in the array is a map of certificate index (0-indexed, where 0 is the leaf certificate) to a list of certificate fields to render (e.g. Subject, DNSNames, Issuer, NotBefore, NotAfter, Expiration). If the list of fields is empty, all fields for that certificate are printed.",
"items": {
"type": "object",
"description": "Map of certificate chain index to the list of certificate fields to print.",
"patternProperties": {
"^[0-9]+$": {
"type": "array",
"description": "Certificate fields to print for the given chain index.",
"items": {
"type": "string",
"description": "Certificate field name to include in output.",
"enum": [
"Subject",
"DNSNames",
"Issuer",
"NotBefore",
"NotAfter",
"Expiration",
"IsCA",
"AuthorityKeyId",
"SubjectKeyId",
"PublicKeyAlgorithm",
"SignatureAlgorithm",
"SerialNumber",
"Fingerprint SHA-256"
]
}
}
},
"additionalProperties": false
}
},
"enableProxyProtocolV2": {
"type": "boolean",
"description": "If true, sends an HAProxy PROXY protocol v2 header on connect. Requires transportOverrideUrl."
},
"insecure": {
"type": "boolean",
"description": "If true, skips TLS server certificate verification (InsecureSkipVerify)."
},
"responseHeadersFilter": {
"type": "array",
"description": "Response header names to include when printResponseHeaders is enabled.",
"items": {
"type": "string",
"pattern": "^[A-Z]",
"description": "HTTP response header name. Must start with an uppercase letter."
}
},
"requestBody": {
"type": "string",
"description": "HTTP request body payload."
},
"requestMethod": {
"type": "string",
"pattern": "^(POST|GET|HEAD|PUT|DELETE|PATCH|HEAD|OPTIONS|TRACE)$",
"description": "HTTP method for the request. Defaults to GET when omitted."
},
"requestHeaders": {
"type": "array",
"description": "Custom HTTP request headers to send.",
"items": {
"$ref": "#/definitions/RequestHeader"
}
},
"userAgent": {
"type": "string",
"description": "Custom User-Agent string for the request."
},
"hosts": {
"type": "array",
"description": "Target hostnames and paths to request. Required on each requests[] entry.",
"items": {
"$ref": "#/definitions/Host"
}
}
},
"dependencies": {
"enableProxyProtocolV2": [
"transportOverrideUrl"
],
"responseCertificatesFilter": [
"printResponseCertificates"
]
},
"title": "RequestDefaults"
},
"Request": {
"description": "A single HTTPS probe definition. Each entry must include name and hosts.",
"allOf": [
{
"$ref": "#/definitions/RequestDefaults"
},
{
"required": [
"name",
"hosts"
]
}
],
"title": "Request"
},
"Host": {
"type": "object",
"additionalProperties": false,
"description": "A logical hostname and the URI paths to request on it.",
"properties": {
"name": {
"type": "string",
"description": "Hostname used for the request URL, Host header, and TLS ServerName indication."
},
"uriList": {
"type": "array",
"description": "URI paths to request on this host. Each path must start with /. When omitted, tool defaults apply.",
"items": {
"type": "string",
"pattern": "^/",
"description": "Request path starting with /."
}
}
},
"required": [
"name"
],
"title": "Host"
},
"RequestHeader": {
"type": "object",
"additionalProperties": false,
"description": "A single HTTP request header key-value pair.",
"properties": {
"key": {
"type": "string",
"description": "HTTP header name."
},
"value": {
"type": "string",
"description": "HTTP header value."
}
},
"required": [
"key",
"value"
],
"title": "RequestHeader"
}
}
}