https://mesevenementsemploi.pole-emploi.fr
Promouvoir l’ensemble des événements de l’emploi (job dating, conférence, atelier..) auprès des candidats et leur permettre de s’inscrire en ligne en vue de faciliter leur retour à l’emploi
Mozilla HTTP observatory
Scan Summary :
| Impact | Description | Documentation |
Content Security Policy (CSP) header not implemented | Implement one, see MDN's Content Security Policy (CSP) documentation. | |
| Add HSTS. Consider rolling out with shorter periods first (as suggested on https://hstspreload.org/). | |
| Documentation for x-frame-options-sameorigin-or-deny | |
| Documentation for x-content-type-options-nosniff |
Scan OWASP
| risk | name |
Medium (High) | Content Security Policy (CSP) Header Not Set |
Medium (High) | Sub Resource Integrity Attribute Missing |
Medium (Medium) | Missing Anti-clickjacking Header |
Low (High) | Strict-Transport-Security Header Not Set |
Low (Medium) | Cookie without SameSite Attribute |
Low (Medium) | Insufficient Site Isolation Against Spectre Vulnerability |
Low (Medium) | Permissions Policy Header Not Set |
Low (Low) | Timestamp Disclosure - Unix |
Informational (High) | Sec-Fetch-Dest Header is Missing |
Informational (High) | Sec-Fetch-Mode Header is Missing |
Informational (High) | Sec-Fetch-Site Header is Missing |
Informational (High) | Sec-Fetch-User Header is Missing |
Informational (Medium) | Base64 Disclosure |
Informational (Medium) | Modern Web Application |
Informational (Medium) | Session Management Response Identified |
Informational (Medium) | Storable and Cacheable Content |
Informational (Low) | Re-examine Cache-control Directives |