A full report on my Google Summer of Code 2022 work with Aossie

Project: "Social Street Smart" 👨‍💻

This was the fourth year for Social Street Smart. Building upon the work done in the previous year, this year's GSoC tasks were aimed to safeguard users from Malicious URLs and improve their experience.

Here is a quick summary of the work done over this year:

• 👷 A CI / CD Pipeline has been added with
  • ✅ Unit Tests for all Newly Created APIs
  • 🚀 Deployment through the GitLab Pipeline
• ✨ New Features -
  • Security Header Checker API.
  • SSL Validator API.
• 🍱 Addition of a new front-end where ever needed
• 🐛 Fixing bugs
• 🚀 Deployed the Updated Chrome Extension to the Chrome Webstore.

Cyberattack incidences have increased significantly as a result of the Internet's connections expanding exponentially. A significant number of links on today's social media platforms are malicious. So to safeguard users from those, I introduced the Security Header Checker API this summer. It enables the user to lookup for any link and get information about browsing status of that link. A header checker would be beneficial in making sure that our users are as secure as possible from those malicious links.

In today's world of the Internet, SSL certificates help keep user data secure, prevent attackers from creating a fake version of the site, verify ownership of the website and provide consumers a sense of security. So I introduced the SSL Validator API this summer. It enables the user to lookup for any link and get information about SSL certificates of that link.

I have implemented Unit Testing into the project, that makes it much easier to validate that all the APIs are functioning properly. The tests run in GitLab's CI/CD Pipeline. Pytest was used to run the tests for the APIs.

This can be run locally in the same way as they were before GSoC 2022. The steps are as follows

# Go to the directory of the API
cd /server/Security-Headers

# Install all the requirements
pip install -r requirements.txt

# Run the server
flask run

This can also be run locally in the same way as they were before GSoC 2022. The steps are as follows

# Go to the directory of the API
cd /server/SSL

# Install all the requirements
pip install -r requirements.txt

# Run the server
flask run

For making the API calls, please follow the following format

For SSL Validator API
`localhost:5000/ssl/?url=<LINK_FOR_LOOKUP>`

For Security Header API
`localhost:5000/shc/?url=<LINK_FOR_LOOKUP>`

The API keys are to be encoded in base64 and passed as a string.

Unit testing for the APIs was done using pytest . To run the tests locally

cd /server/<directory_of_the_API>
pip install -r requirements.txt
pytest

• Download the Extension (Chrome Webstore)
• Chrome Extension Repository
• All API's Repository

• SSS-Phase 1
• SSS -Phase 2
• SSS API - Phase 1

The following merge requests were made to the project during GSoC 2022.

• !16 Combined PRs for SSL Validator and Security Header Checker API (Merged)

• !94 Added new UI for Settings Page (Merged)
• !64 SSL Certificate Validator Support (Merged)
• !65 Security Header Checker Support (Merged)
• !61 SSL Certificate Validator API -Integration and Tests (Merged)
• !62 Security Header Checker API -New API and Deployment (Merged)
• !60 SSL Certificate Validator API -New API and Deployment (Merged)
• !63 Security Header Checker API -Integration and Tests (Merged)