forked from betagouv/dashlord
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
update: https://app.eva.beta.gouv.fr
- Loading branch information
1 parent
3c87ff1
commit 05104aa
Showing
15 changed files
with
902 additions
and
902 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
{"url":"https://app.eva.beta.gouv.fr","algorithm_version":2,"end_time":"Sun, 12 Jun 2022 11:32:01 GMT","grade":"F","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Connection":"keep-alive","Content-Length":"534","accept-ranges":"bytes","content-encoding":"gzip","content-type":"text/html","date":"Sun, 12 Jun 2022 11:32:00 GMT","etag":"\"3bd-5d4b0578c1e84-gzip\"","last-modified":"Mon, 03 Jan 2022 16:52:11 GMT","server":"Apache","vary":"Accept-Encoding","via":"1.1 alproxy"},"scan_id":27090253,"score":20,"start_time":"Sun, 12 Jun 2022 11:31:58 GMT","state":"FINISHED","status_code":200,"tests_failed":5,"tests_passed":7,"tests_quantity":12,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":null,"http":false,"meta":false,"policy":null},"pass":false,"result":"csp-not-implemented","score_description":"Content Security Policy (CSP) header not implemented","score_modifier":-25},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":null,"sameSite":null},"pass":true,"result":"cookies-not-found","score_description":"No cookies detected","score_modifier":0},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":null,"clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-not-implemented","score_description":"Content is not visible via cross-origin resource sharing (CORS) files or headers","score_modifier":0},"public-key-pinning":{"expectation":"hpkp-not-implemented","name":"public-key-pinning","output":{"data":null,"includeSubDomains":false,"max-age":null,"numPins":null,"preloaded":false},"pass":true,"result":"hpkp-not-implemented","score_description":"HTTP Public Key Pinning (HPKP) header not implemented","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://app.eva.beta.gouv.fr/","redirects":true,"route":["http://app.eva.beta.gouv.fr/","https://app.eva.beta.gouv.fr/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":null,"http":false,"meta":false},"pass":true,"result":"referrer-policy-not-implemented","score_description":"Referrer-Policy header not implemented","score_modifier":0},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":null,"includeSubDomains":false,"max-age":null,"preload":false,"preloaded":false},"pass":false,"result":"hsts-not-implemented","score_description":"HTTP Strict Transport Security (HSTS) header not implemented","score_modifier":-20},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":null},"pass":false,"result":"x-content-type-options-not-implemented","score_description":"X-Content-Type-Options header not implemented","score_modifier":-5},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":null},"pass":false,"result":"x-frame-options-not-implemented","score_description":"X-Frame-Options (XFO) header not implemented","score_modifier":-20},"x-xss-protection":{"expectation":"x-xss-protection-1-mode-block","name":"x-xss-protection","output":{"data":null},"pass":false,"result":"x-xss-protection-not-implemented","score_description":"X-XSS-Protection header not implemented","score_modifier":-10}}} | ||
{"url":"https://app.eva.beta.gouv.fr","algorithm_version":2,"end_time":"Sun, 19 Jun 2022 11:28:07 GMT","grade":"F","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Connection":"keep-alive","Content-Length":"534","accept-ranges":"bytes","content-encoding":"gzip","content-type":"text/html","date":"Sun, 19 Jun 2022 11:28:06 GMT","etag":"\"3bd-5d4b0578c1e84-gzip\"","last-modified":"Mon, 03 Jan 2022 16:52:11 GMT","server":"Apache","vary":"Accept-Encoding","via":"1.1 alproxy"},"scan_id":27246028,"score":20,"start_time":"Sun, 19 Jun 2022 11:28:03 GMT","state":"FINISHED","status_code":200,"tests_failed":5,"tests_passed":7,"tests_quantity":12,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":null,"http":false,"meta":false,"policy":null},"pass":false,"result":"csp-not-implemented","score_description":"Content Security Policy (CSP) header not implemented","score_modifier":-25},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":null,"sameSite":null},"pass":true,"result":"cookies-not-found","score_description":"No cookies detected","score_modifier":0},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":null,"clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-not-implemented","score_description":"Content is not visible via cross-origin resource sharing (CORS) files or headers","score_modifier":0},"public-key-pinning":{"expectation":"hpkp-not-implemented","name":"public-key-pinning","output":{"data":null,"includeSubDomains":false,"max-age":null,"numPins":null,"preloaded":false},"pass":true,"result":"hpkp-not-implemented","score_description":"HTTP Public Key Pinning (HPKP) header not implemented","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://app.eva.beta.gouv.fr/","redirects":true,"route":["http://app.eva.beta.gouv.fr/","https://app.eva.beta.gouv.fr/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":null,"http":false,"meta":false},"pass":true,"result":"referrer-policy-not-implemented","score_description":"Referrer-Policy header not implemented","score_modifier":0},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":null,"includeSubDomains":false,"max-age":null,"preload":false,"preloaded":false},"pass":false,"result":"hsts-not-implemented","score_description":"HTTP Strict Transport Security (HSTS) header not implemented","score_modifier":-20},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":null},"pass":false,"result":"x-content-type-options-not-implemented","score_description":"X-Content-Type-Options header not implemented","score_modifier":-5},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":null},"pass":false,"result":"x-frame-options-not-implemented","score_description":"X-Frame-Options (XFO) header not implemented","score_modifier":-20},"x-xss-protection":{"expectation":"x-xss-protection-1-mode-block","name":"x-xss-protection","output":{"data":null},"pass":false,"result":"x-xss-protection-not-implemented","score_description":"X-XSS-Protection header not implemented","score_modifier":-10}}} |
Large diffs are not rendered by default.
Oops, something went wrong.
Oops, something went wrong.