NicholasLeader/HTTP_Security_header_check.ps1

## HTTP_Security_header_check.ps1
###
# Nicholas Leader
# 8.9.2019
# Check for the presence of HTTP Security headers - CSP or Content-Security-Policy in this example
#
# Dictionary calling idea from: https://stackoverflow.com/questions/39090323/how-to-check-if-response-header-contains-certain-headers-powershell
#
###

### set Connection to use TLS 1.2
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$URL_to_check = "https://securityheaders.com"
$HTTP_Header_to_check = "content-security-policy"

$response = Invoke-WebRequest $URL_to_check -UseBasicParsing
if ($response.Headers[$HTTP_Header_to_check] -ne $null) {
    Write-Output "Found"
} else {
    Write-Output "Not found"
}

# check website to see if headers are present / visable by script
# $response.headers
	###
	# Nicholas Leader
	# 8.9.2019
	# Check for the presence of HTTP Security headers - CSP or Content-Security-Policy in this example
	#
	# Dictionary calling idea from: https://stackoverflow.com/questions/39090323/how-to-check-if-response-header-contains-certain-headers-powershell
	#
	###

	### set Connection to use TLS 1.2
	[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

	$URL_to_check = "https://securityheaders.com"
	$HTTP_Header_to_check = "content-security-policy"

	$response = Invoke-WebRequest $URL_to_check -UseBasicParsing
	if ($response.Headers[$HTTP_Header_to_check] -ne $null) {
	Write-Output "Found"
	} else {
	Write-Output "Not found"
	}

	# check website to see if headers are present / visable by script
	# $response.headers