Startsida Utforska Hjälp
Logga in
eric
/
InstallationServeur
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: 737b1e5ca4
Grenar Taggar
Installation...
/
docs
/
Source DOM de la sélection.html

Source DOM de la sélection.html 35 KB
Historik

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 
  1. <!DOCTYPE html>
    2. 

  2. <html><head>
    3. 

  3. <meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width"><title>Source DOM de la sélection</title><link rel="stylesheet" type="text/css" href="resource://content-accessible/viewsource.css"></head><body id="viewsource" class="highlight" style="-moz-tab-size: 4" contextmenu="actions"><pre id="line1"><span></span><span class="error" title="Balise ouvrante rencontrée sans avoir rencontré de doctype auparavant. «&nbsp;&lt;!DOCTYPE html&gt;&nbsp;» attendu.">&lt;<span class="start-tag">div</span> <span class="attribute-name">class</span>="<a class="attribute-value">table-responsive</a>"&gt;</span><span>
    4. 

  4. <span id="line2"></span>                            </span><span>&lt;<span class="start-tag">table</span> <span class="attribute-name">class</span>="<a class="attribute-value">table table-striped table-condensed pull-left scan-summary-table</a>"&gt;</span><span>
    5. 

  5. <span id="line3"></span>                                </span><span>&lt;<span class="start-tag">tbody</span>&gt;</span><span></span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    6. 

  6. <span id="line4"></span>                                    </span><span>&lt;<span class="start-tag">th</span>&gt;</span><span>Test</span><span>&lt;/<span class="end-tag">th</span>&gt;</span><span>
    7. 

  7. <span id="line5"></span>                                    </span><span>&lt;<span class="start-tag">th</span>&gt;</span><span>Pass</span><span>&lt;/<span class="end-tag">th</span>&gt;</span><span>
    8. 

  8. <span id="line6"></span>                                    </span><span>&lt;<span class="start-tag">th</span>&gt;</span><span>Score</span><span>&lt;/<span class="end-tag">th</span>&gt;</span><span>
    9. 

  9. <span id="line7"></span>                                    </span><span>&lt;<span class="start-tag">th</span>&gt;</span><span>Explanation</span><span>&lt;/<span class="end-tag">th</span>&gt;</span><span>
    10. 

  10. <span id="line8"></span>                                    </span><span>&lt;<span class="start-tag">th</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">th</span>&gt;</span><span>
    11. 

  11. <span id="line9"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    12. 

  12. <span id="line10"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    13. 

  13. <span id="line11"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#content-security-policy">https://infosec.mozilla.org/guidelines/web_security#content-security-policy</a>"&gt;</span><span>Content Security Policy</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    14. 

  14. <span id="line12"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-remove</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-content-security-policy-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Fail</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    15. 

  15. <span id="line13"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-content-security-policy-score</a>"&gt;</span><span>-25</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    16. 

  16. <span id="line14"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-content-security-policy-score-description</a>"&gt;</span><span>Content Security Policy (CSP) header not implemented</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    17. 

  17. <span id="line15"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Content Security Policy (CSP) can prevent a wide range of cross-site scripting (XSS) and clickjacking attacks against your website.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Content Security Policy</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    18. 

  18. <span id="line16"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    19. 

  19. <span id="line17"></span>                                
    20. 

  20. <span id="line18"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    21. 

  21. <span id="line19"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#cookies">https://infosec.mozilla.org/guidelines/web_security#cookies</a>"&gt;</span><span>Cookies</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    22. 

  22. <span id="line20"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-minus</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-cookies-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Not Applicable / Optional</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    23. 

  23. <span id="line21"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-cookies-score</a>"&gt;</span><span>0</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    24. 

  24. <span id="line22"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-cookies-score-description</a>"&gt;</span><span>No cookies detected</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    25. 

  25. <span id="line23"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Using cookies attributes such as Secure and HttpOnly can protect users from having their personal information stolen.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Cookies</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    26. 

  26. <span id="line24"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    27. 

  27. <span id="line25"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    28. 

  28. <span id="line26"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#cross-origin-resource-sharing">https://infosec.mozilla.org/guidelines/web_security#cross-origin-resource-sharing</a>"&gt;</span><span>Cross-origin Resource Sharing</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    29. 

  29. <span id="line27"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-ok</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-cross-origin-resource-sharing-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Pass</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    30. 

  30. <span id="line28"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-cross-origin-resource-sharing-score</a>"&gt;</span><span>0</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    31. 

  31. <span id="line29"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-cross-origin-resource-sharing-score-description</a>"&gt;</span><span>Content is not visible via cross-origin resource sharing (CORS) files or headers</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    32. 

  32. <span id="line30"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Incorrectly configured CORS settings can allow foreign sites to read your site's contents, possibly allowing them access to private user information.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Cross-origin Resource Sharing</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    33. 

  33. <span id="line31"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    34. 

  34. <span id="line32"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    35. 

  35. <span id="line33"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#http-public-key-pinning">https://infosec.mozilla.org/guidelines/web_security#http-public-key-pinning</a>"&gt;</span><span>HTTP Public Key Pinning</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    36. 

  36. <span id="line34"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-minus</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-public-key-pinning-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Not Applicable / Optional</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    37. 

  37. <span id="line35"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-public-key-pinning-score</a>"&gt;</span><span>0</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    38. 

  38. <span id="line36"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-public-key-pinning-score-description</a>"&gt;</span><span>HTTP Public Key Pinning (HPKP) header not implemented (optional)</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    39. 

  39. <span id="line37"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">HTTP Public Key Pinning (HPKP) binds a site to a specific combination of certificate authorities and/or keys, protecting against the unauthorized issuance of certificates.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">HTTP Public Key Pinning</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    40. 

  40. <span id="line38"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    41. 

  41. <span id="line39"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    42. 

  42. <span id="line40"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security">https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security</a>"&gt;</span><span>HTTP Strict Transport Security</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    43. 

  43. <span id="line41"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-ok</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-strict-transport-security-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Pass</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    44. 

  44. <span id="line42"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-strict-transport-security-score</a>"&gt;</span><span>0</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    45. 

  45. <span id="line43"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-strict-transport-security-score-description</a>"&gt;</span><span>HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    46. 

  46. <span id="line44"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">HTTP Strict Transport Security (HSTS) instructs web browsers to visit your site only over HTTPS.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">HTTP Strict Transport Security</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    47. 

  47. <span id="line45"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    48. 

  48. <span id="line46"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    49. 

  49. <span id="line47"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#http-redirections">https://infosec.mozilla.org/guidelines/web_security#http-redirections</a>"&gt;</span><span>Redirection</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    50. 

  50. <span id="line48"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-ok</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-redirection-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Pass</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    51. 

  51. <span id="line49"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-redirection-score</a>"&gt;</span><span>0</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    52. 

  52. <span id="line50"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-redirection-score-description</a>"&gt;</span><span>Initial redirection is to HTTPS on same host, final destination is HTTPS</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    53. 

  53. <span id="line51"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Properly configured redirections from HTTP to HTTPS allow browsers to correctly apply HTTP Strict Transport Security (HSTS) settings.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Redirection</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    54. 

  54. <span id="line52"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    55. 

  55. <span id="line53"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    56. 

  56. <span id="line54"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#referrer-policy">https://infosec.mozilla.org/guidelines/web_security#referrer-policy</a>"&gt;</span><span>Referrer Policy</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    57. 

  57. <span id="line55"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-minus</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-referrer-policy-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Not Applicable / Optional</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    58. 

  58. <span id="line56"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-referrer-policy-score</a>"&gt;</span><span>0</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    59. 

  59. <span id="line57"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-referrer-policy-score-description</a>"&gt;</span><span>Referrer-Policy header not implemented (optional)</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    60. 

  60. <span id="line58"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Referrer Policy can protect the privacy of your users by restricting the contents of the HTTP Referer header.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Referrer Policy</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    61. 

  61. <span id="line59"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    62. 

  62. <span id="line60"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    63. 

  63. <span id="line61"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#subresource-integrity">https://infosec.mozilla.org/guidelines/web_security#subresource-integrity</a>"&gt;</span><span>Subresource Integrity</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    64. 

  64. <span id="line62"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-minus</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-subresource-integrity-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Not Applicable / Optional</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    65. 

  65. <span id="line63"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-subresource-integrity-score</a>"&gt;</span><span>0</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    66. 

  66. <span id="line64"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-subresource-integrity-score-description</a>"&gt;</span><span>Subresource Integrity (SRI) is not needed since site contains no script tags</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    67. 

  67. <span id="line65"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Subresource Integrity protects against JavaScript files and stylesheets stored on content delivery networks (CDNs) from being maliciously modified.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Subresource Integrity</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    68. 

  68. <span id="line66"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    69. 

  69. <span id="line67"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    70. 

  70. <span id="line68"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#x-content-type-options">https://infosec.mozilla.org/guidelines/web_security#x-content-type-options</a>"&gt;</span><span>X-Content-Type-Options</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    71. 

  71. <span id="line69"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-remove</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-content-type-options-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Fail</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    72. 

  72. <span id="line70"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-content-type-options-score</a>"&gt;</span><span>-5</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    73. 

  73. <span id="line71"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-content-type-options-score-description</a>"&gt;</span><span>X-Content-Type-Options header not implemented</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    74. 

  74. <span id="line72"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">X-Content-Type-Options instructs browsers to not guess the MIME types of files that the web server is delivering.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">X-Content-Type-Options</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    75. 

  75. <span id="line73"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    76. 

  76. <span id="line74"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    77. 

  77. <span id="line75"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#x-frame-options">https://infosec.mozilla.org/guidelines/web_security#x-frame-options</a>"&gt;</span><span>X-Frame-Options</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    78. 

  78. <span id="line76"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-remove</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-frame-options-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Fail</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    79. 

  79. <span id="line77"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-frame-options-score</a>"&gt;</span><span>-20</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    80. 

  80. <span id="line78"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-frame-options-score-description</a>"&gt;</span><span>X-Frame-Options (XFO) header not implemented</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    81. 

  81. <span id="line79"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">X-Frame-Options controls whether your site can be framed, protecting against clickjacking attacks. It has been superseded by Content Security Policy's &lt;code&gt;frame-ancestors&lt;/code&gt; directive, but should still be used for now.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">X-Frame-Options</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    82. 

  82. <span id="line80"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    83. 

  83. <span id="line81"></span>                                </span><span>&lt;<span class="start-tag">tr</span>&gt;</span><span>
    84. 

  84. <span id="line82"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#x-xss-protection">https://infosec.mozilla.org/guidelines/web_security#x-xss-protection</a>"&gt;</span><span>X-XSS-Protection</span><span>&lt;/<span class="end-tag">a</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    85. 

  85. <span id="line83"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-remove</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-xss-protection-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Fail</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    86. 

  86. <span id="line84"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-xss-protection-score</a>"&gt;</span><span>-10</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    87. 

  87. <span id="line85"></span>                                    </span><span>&lt;<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-xss-protection-score-description</a>"&gt;</span><span>X-XSS-Protection header not implemented</span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    88. 

  88. <span id="line86"></span>                                    </span><span>&lt;<span class="start-tag">td</span>&gt;</span><span></span><span>&lt;<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">X-XSS-Protection protects against reflected cross-site scripting (XSS) attacks in IE and Chrome, but has been superseded by Content Security Policy. It can still be used to protect users of older web browsers.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">X-XSS-Protection</a>"&gt;</span><span></span><span>&lt;/<span class="end-tag">span</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">td</span>&gt;</span><span>
    89. 

  89. <span id="line87"></span>                                </span><span>&lt;/<span class="end-tag">tr</span>&gt;</span><span>
    90. 

  90. <span id="line88"></span>                            </span><span>&lt;/<span class="end-tag">tbody</span>&gt;</span><span></span><span>&lt;/<span class="end-tag">table</span>&gt;</span><span>
    91. 

  91. <span id="line89"></span>                        </span><span>&lt;/<span class="end-tag">div</span>&gt;</span><span></span></pre><menu type="context" id="actions"><menuitem id="goToLine" label="Aller à la ligne…" accesskey="l"></menuitem><menuitem id="wrapLongLines" label="Retour à la ligne automatique" type="checkbox"></menuitem><menuitem id="highlightSyntax" label="Coloration syntaxique" type="checkbox" checked="true"></menuitem></menu></body></html>
    92.