-
- Site: [http://elianasanabria-ekoparty-csdso-4549750a5266.herokuapp.com](http://elianasanabria-ekoparty-csdso-4549750a5266.herokuapp.com)
- Site: [https://elianasanabria-ekoparty-csdso-4549750a5266…
-
- Site: [http://dev-drr-emcr.apps.silver.devops.gov.bc.ca](http://dev-drr-emcr.apps.silver.devops.gov.bc.ca)
**New Alerts**
- **A Client Error response code was returned by the server** [100000]…
-
Currently there is a option to enable framing by all websites using AllowThirdPartyFraming option.
It will be better if you provide also a option to supply list of URLs that can frame the page, which …
-
With the CSP middleware it is possible to enable reporting of CSP violations to an API endpoint using the legacy v0 `Report-To`, or v1 `Reporting-Endpoints` directives ([more info](https://web.dev/rep…
-
This is more of a meta issue where I'm going to drop notes before actually coming up with a documented plan.
We intend to go through this process in the not so distant future and will have lessons…
-
I wrote a test to [test ordering of COEP reporting vs CSP and X-Frame-Options](https://github.com/web-platform-tests/wpt/pull/28281), and was a bit puzzled by the observed outcome in chromium. @Arthur…
-
## Issue Description
Sentry reports that our content security policy directives are out of whack with reality:
http://sentry.vfs.va.gov/organizations/vsp/issues/35909/?project=-1&query=is%3Aunresolv…
-
- Site: [https://d309kopm8ags5f.cloudfront.net](https://d309kopm8ags5f.cloudfront.net)
**New Alerts**
- **CSP: script-src unsafe-eval** [10055] total: 4:
- [https://d309kopm8ags5f.cloudfront…
-
1. Load https://aframe.io/examples/showcase/hello-metaverse/ or https://aframe.io/examples/showcase/a-painter/
2. Click the GitHub octocat icon in the bottom-left corner
3. Notice the GitHub page cann…
-
- Site: [https://apidev.lakkanan.shop](https://apidev.lakkanan.shop)
**New Alerts**
- **Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)** [10037] total: 1:
- [https…