aplypro.beta.gouv.fr

Valoriser les périodes de formation en milieu professionnel (PFMP) réalisées par les lycéens et lycéennes pro.

environ 3 heures

dinum

fiche beta.gouv.fr

Nmap

Scan Summary :

Scan Summary :

C+

Impact	Description	Documentation
-25	Content Security Policy (CSP) header not implemented	Implement one, see MDN's Content Security Policy (CSP) documentation.
-10	Session cookie set without the `Secure` flag, but transmission over HTTP prevented by HSTS.	Documentation for cookies-secure-with-httponly-sessions
-5	Subresource Integrity (SRI) not implemented, but all external scripts are loaded over HTTPS.	Add SRI to external scripts.

Scan Summary :

A+

risk	name
Medium (High)	Content Security Policy (CSP) Header Not Set
Medium (High)	Sub Resource Integrity Attribute Missing
Low (Medium)	Cookie Without Secure Flag
Low (Medium)	Cross-Domain JavaScript Source File Inclusion
Low (Medium)	Insufficient Site Isolation Against Spectre Vulnerability
Low (Medium)	Permissions Policy Header Not Set
Low (Medium)	X-Content-Type-Options Header Missing
Informational (High)	Sec-Fetch-Dest Header is Missing
Informational (High)	Sec-Fetch-Mode Header is Missing
Informational (High)	Sec-Fetch-Site Header is Missing
Informational (High)	Sec-Fetch-User Header is Missing
Informational (Medium)	Base64 Disclosure
Informational (Medium)	Content-Type Header Missing
Informational (Medium)	Modern Web Application
Informational (Medium)	Non-Storable Content
Informational (Medium)	Session Management Response Identified
Informational (Medium)	Storable and Cacheable Content
Informational (Low)	Information Disclosure - Suspicious Comments
Informational (Low)	Re-examine Cache-control Directives