12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 |
- <!DOCTYPE html>
- <html><head>
- <meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width"><title>Source DOM de la sélection</title><link rel="stylesheet" type="text/css" href="resource://content-accessible/viewsource.css"></head><body id="viewsource" class="highlight" style="-moz-tab-size: 4" contextmenu="actions"><pre id="line1"><span></span><span class="error" title="Balise ouvrante rencontrée sans avoir rencontré de doctype auparavant. « <!DOCTYPE html> » attendu."><<span class="start-tag">div</span> <span class="attribute-name">class</span>="<a class="attribute-value">table-responsive</a>"></span><span>
- <span id="line2"></span> </span><span><<span class="start-tag">table</span> <span class="attribute-name">class</span>="<a class="attribute-value">table table-striped table-condensed pull-left scan-summary-table</a>"></span><span>
- <span id="line3"></span> </span><span><<span class="start-tag">tbody</span>></span><span></span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line4"></span> </span><span><<span class="start-tag">th</span>></span><span>Test</span><span></<span class="end-tag">th</span>></span><span>
- <span id="line5"></span> </span><span><<span class="start-tag">th</span>></span><span>Pass</span><span></<span class="end-tag">th</span>></span><span>
- <span id="line6"></span> </span><span><<span class="start-tag">th</span>></span><span>Score</span><span></<span class="end-tag">th</span>></span><span>
- <span id="line7"></span> </span><span><<span class="start-tag">th</span>></span><span>Explanation</span><span></<span class="end-tag">th</span>></span><span>
- <span id="line8"></span> </span><span><<span class="start-tag">th</span>></span><span></span><span></<span class="end-tag">th</span>></span><span>
- <span id="line9"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line10"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line11"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#content-security-policy">https://infosec.mozilla.org/guidelines/web_security#content-security-policy</a>"></span><span>Content Security Policy</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line12"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-remove</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-content-security-policy-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Fail</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line13"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-content-security-policy-score</a>"></span><span>-25</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line14"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-content-security-policy-score-description</a>"></span><span>Content Security Policy (CSP) header not implemented</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line15"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Content Security Policy (CSP) can prevent a wide range of cross-site scripting (XSS) and clickjacking attacks against your website.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Content Security Policy</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line16"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line17"></span>
- <span id="line18"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line19"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#cookies">https://infosec.mozilla.org/guidelines/web_security#cookies</a>"></span><span>Cookies</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line20"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-minus</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-cookies-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Not Applicable / Optional</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line21"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-cookies-score</a>"></span><span>0</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line22"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-cookies-score-description</a>"></span><span>No cookies detected</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line23"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Using cookies attributes such as Secure and HttpOnly can protect users from having their personal information stolen.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Cookies</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line24"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line25"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line26"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#cross-origin-resource-sharing">https://infosec.mozilla.org/guidelines/web_security#cross-origin-resource-sharing</a>"></span><span>Cross-origin Resource Sharing</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line27"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-ok</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-cross-origin-resource-sharing-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Pass</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line28"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-cross-origin-resource-sharing-score</a>"></span><span>0</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line29"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-cross-origin-resource-sharing-score-description</a>"></span><span>Content is not visible via cross-origin resource sharing (CORS) files or headers</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line30"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Incorrectly configured CORS settings can allow foreign sites to read your site's contents, possibly allowing them access to private user information.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Cross-origin Resource Sharing</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line31"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line32"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line33"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#http-public-key-pinning">https://infosec.mozilla.org/guidelines/web_security#http-public-key-pinning</a>"></span><span>HTTP Public Key Pinning</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line34"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-minus</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-public-key-pinning-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Not Applicable / Optional</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line35"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-public-key-pinning-score</a>"></span><span>0</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line36"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-public-key-pinning-score-description</a>"></span><span>HTTP Public Key Pinning (HPKP) header not implemented (optional)</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line37"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">HTTP Public Key Pinning (HPKP) binds a site to a specific combination of certificate authorities and/or keys, protecting against the unauthorized issuance of certificates.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">HTTP Public Key Pinning</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line38"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line39"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line40"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security">https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security</a>"></span><span>HTTP Strict Transport Security</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line41"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-ok</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-strict-transport-security-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Pass</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line42"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-strict-transport-security-score</a>"></span><span>0</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line43"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-strict-transport-security-score-description</a>"></span><span>HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line44"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">HTTP Strict Transport Security (HSTS) instructs web browsers to visit your site only over HTTPS.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">HTTP Strict Transport Security</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line45"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line46"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line47"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#http-redirections">https://infosec.mozilla.org/guidelines/web_security#http-redirections</a>"></span><span>Redirection</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line48"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-ok</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-redirection-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Pass</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line49"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-redirection-score</a>"></span><span>0</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line50"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-redirection-score-description</a>"></span><span>Initial redirection is to HTTPS on same host, final destination is HTTPS</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line51"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Properly configured redirections from HTTP to HTTPS allow browsers to correctly apply HTTP Strict Transport Security (HSTS) settings.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Redirection</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line52"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line53"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line54"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#referrer-policy">https://infosec.mozilla.org/guidelines/web_security#referrer-policy</a>"></span><span>Referrer Policy</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line55"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-minus</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-referrer-policy-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Not Applicable / Optional</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line56"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-referrer-policy-score</a>"></span><span>0</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line57"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-referrer-policy-score-description</a>"></span><span>Referrer-Policy header not implemented (optional)</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line58"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Referrer Policy can protect the privacy of your users by restricting the contents of the HTTP Referer header.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Referrer Policy</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line59"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line60"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line61"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#subresource-integrity">https://infosec.mozilla.org/guidelines/web_security#subresource-integrity</a>"></span><span>Subresource Integrity</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line62"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-minus</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-subresource-integrity-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Not Applicable / Optional</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line63"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-subresource-integrity-score</a>"></span><span>0</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line64"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-subresource-integrity-score-description</a>"></span><span>Subresource Integrity (SRI) is not needed since site contains no script tags</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line65"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">Subresource Integrity protects against JavaScript files and stylesheets stored on content delivery networks (CDNs) from being maliciously modified.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">Subresource Integrity</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line66"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line67"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line68"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#x-content-type-options">https://infosec.mozilla.org/guidelines/web_security#x-content-type-options</a>"></span><span>X-Content-Type-Options</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line69"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-remove</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-content-type-options-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Fail</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line70"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-content-type-options-score</a>"></span><span>-5</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line71"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-content-type-options-score-description</a>"></span><span>X-Content-Type-Options header not implemented</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line72"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">X-Content-Type-Options instructs browsers to not guess the MIME types of files that the web server is delivering.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">X-Content-Type-Options</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line73"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line74"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line75"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#x-frame-options">https://infosec.mozilla.org/guidelines/web_security#x-frame-options</a>"></span><span>X-Frame-Options</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line76"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-remove</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-frame-options-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Fail</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line77"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-frame-options-score</a>"></span><span>-20</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line78"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-frame-options-score-description</a>"></span><span>X-Frame-Options (XFO) header not implemented</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line79"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">X-Frame-Options controls whether your site can be framed, protecting against clickjacking attacks. It has been superseded by Content Security Policy's <code>frame-ancestors</code> directive, but should still be used for now.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">X-Frame-Options</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line80"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line81"></span> </span><span><<span class="start-tag">tr</span>></span><span>
- <span id="line82"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">a</span> <span class="attribute-name">href</span>="<a class="attribute-value" href="view-source:https://infosec.mozilla.org/guidelines/web_security#x-xss-protection">https://infosec.mozilla.org/guidelines/web_security#x-xss-protection</a>"></span><span>X-XSS-Protection</span><span></<span class="end-tag">a</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line83"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-remove</a>" <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-xss-protection-pass</a>" <span class="attribute-name">aria-hidden</span>="<a class="attribute-value">true</a>" <span class="attribute-name">aria-label</span>="<a class="attribute-value">Fail</a>"></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line84"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-xss-protection-score</a>"></span><span>-10</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line85"></span> </span><span><<span class="start-tag">td</span> <span class="attribute-name">id</span>="<a class="attribute-value">tests-x-xss-protection-score-description</a>"></span><span>X-XSS-Protection header not implemented</span><span></<span class="end-tag">td</span>></span><span>
- <span id="line86"></span> </span><span><<span class="start-tag">td</span>></span><span></span><span><<span class="start-tag">span</span> <span class="attribute-name">class</span>="<a class="attribute-value">glyphicon glyphicon-info-sign</a>" <span class="attribute-name">data-toggle</span>="<a class="attribute-value">popover</a>" <span class="attribute-name">title</span>="<a class="attribute-value"></a>" <span class="attribute-name">data-content</span>="<a class="attribute-value">X-XSS-Protection protects against reflected cross-site scripting (XSS) attacks in IE and Chrome, but has been superseded by Content Security Policy. It can still be used to protect users of older web browsers.</a>" <span class="attribute-name">data-original-title</span>="<a class="attribute-value">X-XSS-Protection</a>"></span><span></span><span></<span class="end-tag">span</span>></span><span></span><span></<span class="end-tag">td</span>></span><span>
- <span id="line87"></span> </span><span></<span class="end-tag">tr</span>></span><span>
- <span id="line88"></span> </span><span></<span class="end-tag">tbody</span>></span><span></span><span></<span class="end-tag">table</span>></span><span>
- <span id="line89"></span> </span><span></<span class="end-tag">div</span>></span><span></span></pre><menu type="context" id="actions"><menuitem id="goToLine" label="Aller à la ligne…" accesskey="l"></menuitem><menuitem id="wrapLongLines" label="Retour à la ligne automatique" type="checkbox"></menuitem><menuitem id="highlightSyntax" label="Coloration syntaxique" type="checkbox" checked="true"></menuitem></menu></body></html>
|