import requests
from bs4 import BeautifulSoup, Comment
import gradio as gr

def extract_comments_and_check_security(url):
    results = {}
    
    # Fetch and check the HTML comments
    try:
        response = requests.get(url)
        results['Status Code'] = response.status_code
        
        if response.status_code == 200:
            soup = BeautifulSoup(response.text, 'html.parser')
            comments = soup.find_all(string=True)
            comment_list = [str(comment) for comment in comments if isinstance(comment, Comment)]
            results['Comments'] = "\n\n".join(comment_list) if comment_list else "No comments found in the HTML."
        else:
            results['Comments'] = f"Failed to retrieve the webpage. Status code: {response.status_code}"
    except Exception as e:
        results['Comments'] = str(e)
    
    # Check security headers
    try:
        security_headers = {}
        headers = response.headers
        security_headers['Strict-Transport-Security'] = headers.get('Strict-Transport-Security', 'Not Set')
        security_headers['Content-Security-Policy'] = headers.get('Content-Security-Policy', 'Not Set')
        security_headers['X-Content-Type-Options'] = headers.get('X-Content-Type-Options', 'Not Set')
        security_headers['X-Frame-Options'] = headers.get('X-Frame-Options', 'Not Set')
        security_headers['X-XSS-Protection'] = headers.get('X-XSS-Protection', 'Not Set')
        results['Security Headers'] = security_headers
    except Exception as e:
        results['Security Headers'] = str(e)
    
    # Check cookies for HttpOnly and SameSite attributes
    try:
        cookies = response.cookies
        cookie_info = {}
        for cookie in cookies:
            cookie_info[cookie.name] = {
                'HttpOnly': cookie._rest.get('HttpOnly', 'Not Set'),
                'SameSite': cookie._rest.get('SameSite', 'Not Set')
            }
        results['Cookies'] = cookie_info if cookie_info else "No cookies found."
    except Exception as e:
        results['Cookies'] = str(e)
    
    return results

# Create a Gradio interface
iface = gr.Interface(
    fn=extract_comments_and_check_security,
    inputs=gr.Textbox(label="Enter URL"),
    outputs=gr.JSON(),
    title="HTML Comment and Security Checker",
    description="Enter a URL to extract comments from its HTML content and check for security headers and cookie attributes."
)

# Launch the Gradio app
iface.launch()