generated from SocialGouv/dashlord
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
- Loading branch information
1 parent
a3ce476
commit 7d91723
Showing
14 changed files
with
1,530 additions
and
1,709 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
results/aHR0cHM6Ly9idWRnZXQtc2l0ZS5hZGVtZS52ZXJjZWwuYXBw/http.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1 @@ | ||
| {"url":"https://budget-site.ademe.vercel.app","algorithm_version":3,"end_time":"Sun, 22 Sep 2024 04:14:57 GMT","grade":"B+","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Access-Control-Allow-Origin":"*","Age":"12486059","Cache-Control":"public, max-age=0, must-revalidate","Content-Disposition":"inline","Content-Encoding":"gzip","Content-Security-Policy":"default-src 'none'; connect-src 'self' https://*.gouv.fr; font-src 'self'; media-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'self' data:; frame-ancestors 'self'; base-uri 'self' https://*.gouv.fr; form-action 'self' https://*.gouv.fr; frame-src 'none'; block-all-mixed-content ; upgrade-insecure-requests ;","Content-Type":"text/html; charset=utf-8","Cross-Origin-Embedder-Policy":"credentialless","Cross-Origin-Opener-Policy":"same-origin","Cross-Origin-Resource-Policy":"cross-origin","Date":"Sun, 22 Sep 2024 04:14:56 GMT","Etag":"W/\"ca45cba5a0c14beeffe02e8a83aab3a3\"","Permissions-Policy":"fullscreen=(), display-capture=(), camera=(), microphone=(), geolocation=()","Referrer-Policy":"no-referrer, strict-origin-when-cross-origin","Server":"Vercel","Strict-Transport-Security":"max-age=63072000; includeSubDomains; preload","Transfer-Encoding":"chunked","Vary":"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url","X-Content-Type-Options":"nosniff","X-Frame-Options":"DENY","X-Matched-Path":"/","X-Vercel-Cache":"HIT","X-Vercel-Id":"pdx1::2nb9s-1726978496236-16c8549dcd20","X-Xss-Protection":"1; mode=block"},"scan_id":55934222,"score":80,"start_time":"Sun, 22 Sep 2024 04:14:55 GMT","state":"FINISHED","status_code":200,"tests_failed":1,"tests_passed":9,"tests_quantity":10,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":{"base-uri":["'self'","https://*.gouv.fr"],"block-all-mixed-content":["'none'"],"connect-src":["'self'","https://*.gouv.fr"],"default-src":["'none'"],"font-src":["'self'"],"form-action":["'self'","https://*.gouv.fr"],"frame-ancestors":["'self'"],"frame-src":["'none'"],"img-src":["'self'","data:"],"media-src":["'self'"],"object-src":["'self'","data:"],"script-src":["'self'","'unsafe-inline'"],"style-src":["'self'","'unsafe-inline'"],"upgrade-insecure-requests":["'none'"]},"http":true,"meta":false,"numPolicies":1,"policy":{"antiClickjacking":true,"defaultNone":true,"insecureBaseUri":false,"insecureFormAction":false,"insecureSchemeActive":false,"insecureSchemePassive":false,"strictDynamic":false,"unsafeEval":false,"unsafeInline":true,"unsafeInlineStyle":true,"unsafeObjects":false}},"pass":false,"result":"csp-implemented-with-unsafe-inline","score_description":"Content Security Policy (CSP) implemented unsafely. This includes 'unsafe-inline' or data: inside script-src, overly broad sources such as https: inside object-src or script-src, or not restricting the sources for object-src or script-src.","score_modifier":-20},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":null,"sameSite":null},"pass":true,"result":"cookies-not-found","score_description":"No cookies detected","score_modifier":0},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":"*","clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-implemented-with-public-access","score_description":"Public content is visible via cross-origin resource sharing (CORS) Access-Control-Allow-Origin header","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://budget-site.ademe.vercel.app/","redirects":true,"route":["http://budget-site.ademe.vercel.app/","https://budget-site.ademe.vercel.app/"],"status_code":200},"pass":true,"result":"redirection-all-redirects-preloaded","score_description":"All hosts redirected to are in the HTTP Strict Transport Security (HSTS) preload list","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"no-referrer, strict-origin-when-cross-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or \"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=63072000; includeSubDomains; preload","includeSubDomains":true,"max-age":63072000,"preload":true,"preloaded":true},"pass":true,"result":"hsts-preloaded","score_description":"Preloaded via the HTTP Strict Transport Security (HSTS) preloading process","score_modifier":5},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"DENY"},"pass":true,"result":"x-frame-options-implemented-via-csp","score_description":"X-Frame-Options (XFO) implemented via the CSP frame-ancestors directive","score_modifier":5},"x-xss-protection":{"expectation":"x-xss-protection-disabled","name":"x-xss-protection","output":{"data":"1; mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"Deprecated X-XSS-Protection header set to \"1; mode=block\"","score_modifier":0}}} | ||
| {"url":"https://budget-site.ademe.vercel.app","algorithm_version":3,"end_time":"Sun, 29 Sep 2024 04:18:47 GMT","grade":"B+","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Access-Control-Allow-Origin":"*","Age":"13091089","Cache-Control":"public, max-age=0, must-revalidate","Content-Disposition":"inline","Content-Encoding":"gzip","Content-Security-Policy":"default-src 'none'; connect-src 'self' https://*.gouv.fr; font-src 'self'; media-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'self' data:; frame-ancestors 'self'; base-uri 'self' https://*.gouv.fr; form-action 'self' https://*.gouv.fr; frame-src 'none'; block-all-mixed-content ; upgrade-insecure-requests ;","Content-Type":"text/html; charset=utf-8","Cross-Origin-Embedder-Policy":"credentialless","Cross-Origin-Opener-Policy":"same-origin","Cross-Origin-Resource-Policy":"cross-origin","Date":"Sun, 29 Sep 2024 04:18:46 GMT","Etag":"W/\"ca45cba5a0c14beeffe02e8a83aab3a3\"","Permissions-Policy":"fullscreen=(), display-capture=(), camera=(), microphone=(), geolocation=()","Referrer-Policy":"no-referrer, strict-origin-when-cross-origin","Server":"Vercel","Strict-Transport-Security":"max-age=63072000; includeSubDomains; preload","Transfer-Encoding":"chunked","Vary":"RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url","X-Content-Type-Options":"nosniff","X-Frame-Options":"DENY","X-Matched-Path":"/","X-Vercel-Cache":"HIT","X-Vercel-Id":"pdx1::ncwlr-1727583526230-35f29910b4d9","X-Xss-Protection":"1; mode=block"},"scan_id":56219579,"score":80,"start_time":"Sun, 29 Sep 2024 04:18:45 GMT","state":"FINISHED","status_code":200,"tests_failed":1,"tests_passed":9,"tests_quantity":10,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":{"base-uri":["https://*.gouv.fr","'self'"],"block-all-mixed-content":["'none'"],"connect-src":["https://*.gouv.fr","'self'"],"default-src":["'none'"],"font-src":["'self'"],"form-action":["https://*.gouv.fr","'self'"],"frame-ancestors":["'self'"],"frame-src":["'none'"],"img-src":["data:","'self'"],"media-src":["'self'"],"object-src":["data:","'self'"],"script-src":["'unsafe-inline'","'self'"],"style-src":["'unsafe-inline'","'self'"],"upgrade-insecure-requests":["'none'"]},"http":true,"meta":false,"numPolicies":1,"policy":{"antiClickjacking":true,"defaultNone":true,"insecureBaseUri":false,"insecureFormAction":false,"insecureSchemeActive":false,"insecureSchemePassive":false,"strictDynamic":false,"unsafeEval":false,"unsafeInline":true,"unsafeInlineStyle":true,"unsafeObjects":false}},"pass":false,"result":"csp-implemented-with-unsafe-inline","score_description":"Content Security Policy (CSP) implemented unsafely. This includes 'unsafe-inline' or data: inside script-src, overly broad sources such as https: inside object-src or script-src, or not restricting the sources for object-src or script-src.","score_modifier":-20},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":null,"sameSite":null},"pass":true,"result":"cookies-not-found","score_description":"No cookies detected","score_modifier":0},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":"*","clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-implemented-with-public-access","score_description":"Public content is visible via cross-origin resource sharing (CORS) Access-Control-Allow-Origin header","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://budget-site.ademe.vercel.app/","redirects":true,"route":["http://budget-site.ademe.vercel.app/","https://budget-site.ademe.vercel.app/"],"status_code":200},"pass":true,"result":"redirection-all-redirects-preloaded","score_description":"All hosts redirected to are in the HTTP Strict Transport Security (HSTS) preload list","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"no-referrer, strict-origin-when-cross-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or \"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=63072000; includeSubDomains; preload","includeSubDomains":true,"max-age":63072000,"preload":true,"preloaded":true},"pass":true,"result":"hsts-preloaded","score_description":"Preloaded via the HTTP Strict Transport Security (HSTS) preloading process","score_modifier":5},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"DENY"},"pass":true,"result":"x-frame-options-implemented-via-csp","score_description":"X-Frame-Options (XFO) implemented via the CSP frame-ancestors directive","score_modifier":5},"x-xss-protection":{"expectation":"x-xss-protection-disabled","name":"x-xss-protection","output":{"data":"1; mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"Deprecated X-XSS-Protection header set to \"1; mode=block\"","score_modifier":0}}} |
2 changes: 1 addition & 1 deletion
2
...2l0ZS5hZGVtZS52ZXJjZWwuYXBw/lhr-aHR0cHM6Ly9idWRnZXQtc2l0ZS5hZGVtZS52ZXJjZWwuYXBwLw==.html
Large diffs are not rendered by default.
Oops, something went wrong.
1,766 changes: 883 additions & 883 deletions
1,766
results/aHR0cHM6Ly9idWRnZXQtc2l0ZS5hZGVtZS52ZXJjZWwuYXBw/lhr.json
Large diffs are not rendered by default.
Oops, something went wrong.
60 changes: 30 additions & 30 deletions
60
results/aHR0cHM6Ly9idWRnZXQtc2l0ZS5hZGVtZS52ZXJjZWwuYXBw/nuclei.json
Large diffs are not rendered by default.
Oops, something went wrong.
Binary file modified
BIN
-533 Bytes
(100%)
results/aHR0cHM6Ly9idWRnZXQtc2l0ZS5hZGVtZS52ZXJjZWwuYXBw/screenshot.jpeg
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Oops, something went wrong.