output format option

juerkkil · Oct 25, 2024 · 455d3b3 · 455d3b3
1 parent a7debbf
commit 455d3b3
Showing 1 changed file with 13 additions and 4 deletions.
diff --git a/secheaders/securityheaders.py b/secheaders/securityheaders.py
@@ -1,5 +1,6 @@
 import argparse
 import http.client
+import json
 import re
 import socket
 import ssl
@@ -82,7 +83,8 @@ def _follow_redirect_until_response(self, url, follow_redirects=5):
             if temp_url.scheme == 'http':
                 conn = http.client.HTTPConnection(temp_url.netloc, timeout=DEFAULT_TIMEOUT)
             elif temp_url.scheme == 'https':
-                ctx = ssl.create_default_context() if self.verify_ssl else ssl._create_stdlib_context()  # pylint: disable=protected-access
+                # pylint: disable-next=protected-access
+                ctx = ssl.create_default_context() if self.verify_ssl else ssl._create_stdlib_context()
                 conn = http.client.HTTPSConnection(temp_url.netloc, context=ctx, timeout=DEFAULT_TIMEOUT)
             else:
                 raise InvalidTargetURL("Unsupported protocol scheme")
@@ -187,6 +189,7 @@ def check_headers(self):
 
         return retval
 
+
 def output_cli(headers, https, verbose=False):
     for header, value in headers.items():
         output_str = ""
@@ -227,6 +230,8 @@ def main():
                         help='Max redirects, set 0 to disable')
     parser.add_argument('--insecure', dest='insecure', action='store_true',
                         help='Do not verify TLS certificate chain')
+
+    parser.add_argument('--format', type=str, required=False, default='text', help='Output format, options: text, json')
     parser.add_argument('--verbose', '-v', dest='verbose', action='store_true',
                         help='Verbose output')
     args = parser.parse_args()
@@ -235,15 +240,19 @@ def main():
         header_check.fetch_headers()
         headers = header_check.check_headers()
     except SecurityHeadersException as e:
-        print(e)
+        print(e, file=sys.stderr)
         sys.exit(1)
 
     if not headers:
-        print("Failed to fetch headers, exiting...")
+        print("Failed to fetch headers, exiting...", file=sys.stderr)
         sys.exit(1)
 
     https = header_check.test_https()
-    output_cli(headers, https, args.verbose)
+    if args.format == 'text':
+        output_cli(headers, https, args.verbose)
+    else:
+        print(json.dumps({'headers': headers, 'https': https}, indent=2))
+
 
 if __name__ == "__main__":
     main()