OWAP Baseline - Githubissues

github-actions[bot] commented 9 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca New Alerts
- Content Security Policy (CSP) Header Not Set [10038] total: 3:
- Missing Anti-clickjacking Header [10020] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Cookie with SameSite Attribute None [10054] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Permissions Policy Header Not Set [10063] total: 11:
- Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 3:
- Strict-Transport-Security Header Not Set [10035] total: 11:
- Timestamp Disclosure - Unix [10096] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
- X-Content-Type-Options Header Missing [10021] total: 11:
- Base64 Disclosure [10094] total: 5:
- Content-Type Header Missing [10019] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/home
- Information Disclosure - Suspicious Comments [10027] total: 9:
- Modern Web Application [10109] total: 3:
- Non-Storable Content [10049] total: 4:
- Sec-Fetch-Dest Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Mode Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Site Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-User Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Session Management Response Identified [10112] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Storable and Cacheable Content [10049] total: 7:

View the following link to download the report. RunnerID:7197616203

github-actions[bot] commented 9 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca Resolved Alerts
- Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 3:

View the following link to download the report. RunnerID:7199471811

github-actions[bot] commented 9 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca New Alerts
- CSP: Wildcard Directive [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-eval [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: style-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml

View the following link to download the report. RunnerID:7226670410

github-actions[bot] commented 9 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca New Alerts
- Content Security Policy (CSP) Header Not Set [10038] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Missing Anti-clickjacking Header [10020] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Cookie with SameSite Attribute None [10054] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Permissions Policy Header Not Set [10063] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-b44ac2e602ee9be4.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - ..
- Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Strict-Transport-Security Header Not Set [10035] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/webpack-69ea0539f28e5c17.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
  - ..
- Timestamp Disclosure - Unix [10096] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
- X-Content-Type-Options Header Missing [10021] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js
  - ..
- Base64 Disclosure [10094] total: 5:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-f647c7aee97be478.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content-Type Header Missing [10019] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/home
- Information Disclosure - Suspicious Comments [10027] total: 9:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-f647c7aee97be478.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - ..
- Modern Web Application [10109] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Non-Storable Content [10049] total: 4:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/home
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Sec-Fetch-Dest Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Mode Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Site Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-User Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Session Management Response Identified [10112] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Storable and Cacheable Content [10049] total: 6:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/webpack-69ea0539f28e5c17.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/DYBhSLdUXIw0SozTyudJN/_buildManifest.js
  - ..
- Storable but Non-Cacheable Content [10049] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/favicon.ico

View the following link to download the report. RunnerID:7227164714

github-actions[bot] commented 9 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca New Alerts
- CSP: Wildcard Directive [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-eval [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: style-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content Security Policy (CSP) Header Not Set [10038] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Missing Anti-clickjacking Header [10020] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Cookie with SameSite Attribute None [10054] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Permissions Policy Header Not Set [10063] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-872ac0033002d566.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-a693e562dda4fb66.js
  - ..
- Strict-Transport-Security Header Not Set [10035] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-a693e562dda4fb66.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-82483b901e0836ae.js
  - ..
- Timestamp Disclosure - Unix [10096] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
- X-Content-Type-Options Header Missing [10021] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-872ac0033002d566.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-a693e562dda4fb66.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - ..
- Base64 Disclosure [10094] total: 5:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-872ac0033002d566.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content-Type Header Missing [10019] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/home
- Information Disclosure - Suspicious Comments [10027] total: 9:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-872ac0033002d566.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-82483b901e0836ae.js
  - ..
- Modern Web Application [10109] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Non-Storable Content [10049] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Sec-Fetch-Dest Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-82483b901e0836ae.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Mode Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-82483b901e0836ae.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Site Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-82483b901e0836ae.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-User Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-82483b901e0836ae.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Session Management Response Identified [10112] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Storable and Cacheable Content [10049] total: 8:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-82483b901e0836ae.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/webpack-69ea0539f28e5c17.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
  - ..

View the following link to download the report. RunnerID:7243410279

github-actions[bot] commented 9 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca New Alerts
- CSP: Wildcard Directive [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-eval [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: style-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content Security Policy (CSP) Header Not Set [10038] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Missing Anti-clickjacking Header [10020] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Cookie with SameSite Attribute None [10054] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Permissions Policy Header Not Set [10063] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-f5900d0afebf0634.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-a693e562dda4fb66.js
  - ..
- Strict-Transport-Security Header Not Set [10035] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-f5900d0afebf0634.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-a693e562dda4fb66.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - ..
- Timestamp Disclosure - Unix [10096] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
- X-Content-Type-Options Header Missing [10021] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-f5900d0afebf0634.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-a693e562dda4fb66.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - ..
- Base64 Disclosure [10094] total: 5:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-f5900d0afebf0634.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content-Type Header Missing [10019] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/home
- Information Disclosure - Suspicious Comments [10027] total: 9:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-f5900d0afebf0634.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - ..
- Modern Web Application [10109] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Non-Storable Content [10049] total: 4:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/home
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Sec-Fetch-Dest Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Mode Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Site Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-User Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Session Management Response Identified [10112] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Storable and Cacheable Content [10049] total: 7:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/webpack-69ea0539f28e5c17.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - ..

View the following link to download the report. RunnerID:7243413539

github-actions[bot] commented 9 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca New Alerts
- CSP: Wildcard Directive [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-eval [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: style-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content Security Policy (CSP) Header Not Set [10038] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Missing Anti-clickjacking Header [10020] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Cookie with SameSite Attribute None [10054] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Permissions Policy Header Not Set [10063] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-872ac0033002d566.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-a693e562dda4fb66.js
  - ..
- Strict-Transport-Security Header Not Set [10035] total: 12:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-872ac0033002d566.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-a693e562dda4fb66.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - ..
- Timestamp Disclosure - Unix [10096] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
- X-Content-Type-Options Header Missing [10021] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-872ac0033002d566.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-a693e562dda4fb66.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - ..
- Base64 Disclosure [10094] total: 5:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-872ac0033002d566.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content-Type Header Missing [10019] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/home
- Information Disclosure - Suspicious Comments [10027] total: 9:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-872ac0033002d566.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-82483b901e0836ae.js
  - ..
- Modern Web Application [10109] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Non-Storable Content [10049] total: 4:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/home
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Sec-Fetch-Dest Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Mode Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Site Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-User Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Session Management Response Identified [10112] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Storable and Cacheable Content [10049] total: 6:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-82483b901e0836ae.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/webpack-69ea0539f28e5c17.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/JYECgiY3U4nXZCPwS6yah/_buildManifest.js
  - ..
- Storable but Non-Cacheable Content [10049] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/favicon.ico

View the following link to download the report. RunnerID:7251534470

github-actions[bot] commented 9 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca New Alerts
- CSP: Wildcard Directive [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-eval [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: style-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content Security Policy (CSP) Header Not Set [10038] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Missing Anti-clickjacking Header [10020] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Cookie with SameSite Attribute None [10054] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Permissions Policy Header Not Set [10063] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-f5900d0afebf0634.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-a693e562dda4fb66.js
  - ..
- Strict-Transport-Security Header Not Set [10035] total: 12:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - ..
- Timestamp Disclosure - Unix [10096] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
- X-Content-Type-Options Header Missing [10021] total: 12:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - ..
- Base64 Disclosure [10094] total: 5:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-f5900d0afebf0634.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content-Type Header Missing [10019] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/home
- Information Disclosure - Suspicious Comments [10027] total: 9:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/77-f5900d0afebf0634.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - ..
- Modern Web Application [10109] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Non-Storable Content [10049] total: 4:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/home
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Sec-Fetch-Dest Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Mode Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Site Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-User Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Session Management Response Identified [10112] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Storable and Cacheable Content [10049] total: 7:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-1c7039e334c65cf0.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/webpack-69ea0539f28e5c17.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - ..

View the following link to download the report. RunnerID:7279255372

github-actions[bot] commented 9 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca New Alerts
- CSP: Wildcard Directive [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-eval [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: style-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content Security Policy (CSP) Header Not Set [10038] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Missing Anti-clickjacking Header [10020] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Cookie with SameSite Attribute None [10054] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Permissions Policy Header Not Set [10063] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/B9wdd706mP3_NtdpQLp9l/_buildManifest.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/B9wdd706mP3_NtdpQLp9l/_ssgManifest.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-3d23ec8ae3cc3090.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - ..
- Strict-Transport-Security Header Not Set [10035] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/B9wdd706mP3_NtdpQLp9l/_buildManifest.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/B9wdd706mP3_NtdpQLp9l/_ssgManifest.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - ..
- Timestamp Disclosure - Unix [10096] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
- X-Content-Type-Options Header Missing [10021] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/B9wdd706mP3_NtdpQLp9l/_buildManifest.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/B9wdd706mP3_NtdpQLp9l/_ssgManifest.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - ..
- Base64 Disclosure [10094] total: 6:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-3d23ec8ae3cc3090.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-06822257bfa2bc4c.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - ..
- Content-Type Header Missing [10019] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/home
- Information Disclosure - Suspicious Comments [10027] total: 9:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/B9wdd706mP3_NtdpQLp9l/_buildManifest.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-3d23ec8ae3cc3090.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - ..
- Modern Web Application [10109] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Non-Storable Content [10049] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/sitemap.xml
- Sec-Fetch-Dest Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Mode Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Site Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-User Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Session Management Response Identified [10112] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/
- Storable and Cacheable Content [10049] total: 7:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/B9wdd706mP3_NtdpQLp9l/_buildManifest.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/B9wdd706mP3_NtdpQLp9l/_ssgManifest.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-85529db313cda883.js
  - ..
- Storable but Non-Cacheable Content [10049] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-dev.apps.silver.devops.gov.bc.ca/favicon.ico

View the following link to download the report. RunnerID:7301512378

emilymendelson commented 9 months ago

Status of issues from ZAP scan:

Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)

Added in poweredByHeader to next.config.js

CSP: Wildcard Directive

Updated Content-Security-Policy header in next.config.js

CSP: script-scr unsafe-eval

Removed from Content-Security-Policy header in next.config.js

CSP: script-scr unsafe-inline

Removed from Content-Security-Policy header in next.config.js

Content Security Policy (CSP) Header No Set

Content-Security-Policy header added to next.config.js

Missing Anti-clickjacking Header

Added in X-Frame-Options header to next.config.js

Cookie with SameSite Attribute None

We are passing cookie from BE url to FE, no change required

Permissions Policy Header Not Set

Added in Permissions-Policy header to next.config.js

Strict-Transport-Security Header Not Set

Added in Strict-Transport-Security header to next.config.js

Timestamp Disclosure - Unix

Manually confirmed that timestamp data is not sensitive, no change required

X-Content-Type-Options Header Missing

Added in X-Content-Type-Options header to next.config.js

Base64 Disclosure

Manually confirmed that Base64 data does not leak sensitive information, no change required

Content-Type Header Missing

Added in X-Content-Type-Options header to next.config.js

Information Disclosure - Suspicious Comments

Manually confirmed that comments do not return information that may help an attacker, no change required

Modern Web Application

Informational alert, no change required

Non-Storable Content

No change required, may implement caching in future to improve performance

Sec-Fetch-Dest Header is Missing

No change made yet

Sec-Fetch-Mode Header is Missing

No change made yet

Sec-Fetch-Site Header is Missing

No change made yet

Sec-Fetch-User Header is Missing

No change made yet

Storable and Cacheable Content

Informational alert, no change required

Storable but Non-Cacheable Content

Informational alert, no change required

github-actions[bot] commented 8 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca New Alerts
- CSP: Wildcard Directive [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-eval [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: style-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content Security Policy (CSP) Header Not Set [10038] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Missing Anti-clickjacking Header [10020] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Cookie with SameSite Attribute None [10054] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Permissions Policy Header Not Set [10063] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-85dd3b9dd8d10ef1.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-06822257bfa2bc4c.js
  - ..
- Strict-Transport-Security Header Not Set [10035] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-85dd3b9dd8d10ef1.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-06822257bfa2bc4c.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - ..
- Timestamp Disclosure - Unix [10096] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
- X-Content-Type-Options Header Missing [10021] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-85dd3b9dd8d10ef1.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-06822257bfa2bc4c.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - ..
- Base64 Disclosure [10094] total: 6:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-85dd3b9dd8d10ef1.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-06822257bfa2bc4c.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - ..
- Content-Type Header Missing [10019] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/home
- Information Disclosure - Suspicious Comments [10027] total: 9:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-85dd3b9dd8d10ef1.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-103e9d86e8e43b92.js
  - ..
- Modern Web Application [10109] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Non-Storable Content [10049] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Sec-Fetch-Dest Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-103e9d86e8e43b92.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Mode Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-103e9d86e8e43b92.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Site Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-103e9d86e8e43b92.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-User Header is Missing [90005] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-103e9d86e8e43b92.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Session Management Response Identified [10112] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Storable and Cacheable Content [10049] total: 8:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-103e9d86e8e43b92.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/webpack-69ea0539f28e5c17.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
  - ..

View the following link to download the report. RunnerID:7443368481

github-actions[bot] commented 8 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-prod.apps.silver.devops.gov.bc.ca New Alerts
- Content Security Policy (CSP) Header Not Set [10038] total: 3:
- Permissions Policy Header Not Set [10063] total: 3:
- Strict-Transport-Security Header Not Set [10035] total: 3:
- Non-Storable Content [10049] total: 3:
- Sec-Fetch-Dest Header is Missing [90005] total: 3:
- Sec-Fetch-Mode Header is Missing [90005] total: 3:
- Sec-Fetch-Site Header is Missing [90005] total: 3:
- Sec-Fetch-User Header is Missing [90005] total: 3:

View the following link to download the report. RunnerID:7443459403

github-actions[bot] commented 8 months ago

Site: https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca New Alerts
- CSP: Wildcard Directive [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-eval [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: script-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- CSP: style-src unsafe-inline [10055] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Content Security Policy (CSP) Header Not Set [10038] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Missing Anti-clickjacking Header [10020] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Cookie with SameSite Attribute None [10054] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Permissions Policy Header Not Set [10063] total: 12:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-85dd3b9dd8d10ef1.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - ..
- Strict-Transport-Security Header Not Set [10035] total: 11:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - ..
- Timestamp Disclosure - Unix [10096] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
- X-Content-Type-Options Header Missing [10021] total: 12:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-85dd3b9dd8d10ef1.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/684-f945c075b2c9d54e.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - ..
- Base64 Disclosure [10094] total: 6:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-85dd3b9dd8d10ef1.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/404-06822257bfa2bc4c.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - ..
- Content-Type Header Missing [10019] total: 1:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/home
- Information Disclosure - Suspicious Comments [10027] total: 9:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/665-85dd3b9dd8d10ef1.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/framework-0c7baedefba6b077.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/main-1f67a3cf9931af88.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-103e9d86e8e43b92.js
  - ..
- Modern Web Application [10109] total: 3:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Non-Storable Content [10049] total: 4:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/home
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/robots.txt
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/sitemap.xml
- Sec-Fetch-Dest Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Mode Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-Site Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Sec-Fetch-User Header is Missing [90005] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
- Session Management Response Identified [10112] total: 2:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/
- Storable and Cacheable Content [10049] total: 7:
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/_app-83735b03f48df9ad.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/pages/index-103e9d86e8e43b92.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/chunks/webpack-69ea0539f28e5c17.js
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/5ea3f00a67852f2d.css
  - https://bc-emli-pin-mgmt-fe-c82b4c-test.apps.silver.devops.gov.bc.ca/_next/static/css/7064ed36183cc9bf.css
  - ..

View the following link to download the report. RunnerID:7443491344

bcgov / bc-emli-pin-mgmt-fe

OWAP Baseline #152

Status of issues from ZAP scan: