Paramètres d'affichage

Choisissez un thème pour personnaliser l'apparence du site.

https://www.snu.gouv.fr

Développer la conscience citoyenne des jeunes
environ 6 heures

engagement_civique

fiche beta.gouv.fr

Copie d'écran de https://www.snu.gouv.fr

Nmap

Scan Summary :

B

severityservicevulnerability

info

http (port:80)

info

http (port:443)

info

http (port:8080)

info

http (port:8443)
Consulter le rapport détaillé

Mozilla HTTP observatory

Scan Summary :

D-

ImpactDescriptionDocumentation

-25

Content Security Policy (CSP) header not implemented

-20

Strict-Transport-Security header not implemented.

Add HSTS. Consider rolling out with shorter periods first (as suggested on https://hstspreload.org/).

-20

X-Frame-Options (XFO) header not implemented.

Documentation for x-frame-options-sameorigin-or-deny

-5

Subresource Integrity (SRI) not implemented, but all external scripts are loaded over HTTPS.

Add SRI to external scripts.

-5

X-Content-Type-Options header not implemented.

Documentation for x-content-type-options-nosniff

Rapport détaillé

SSL

Scan Summary :

A


Grade capped to A. HSTS is not offered

Rapport détaillé

Scan OWASPenviron 6 heures

riskname

Medium (High)

Content Security Policy (CSP) Header Not Set

Medium (High)

Sub Resource Integrity Attribute Missing

Medium (Medium)

Missing Anti-clickjacking Header

Low (High)

Strict-Transport-Security Header Not Set

Low (Medium)

Cookie No HttpOnly Flag

Low (Medium)

Cross-Domain JavaScript Source File Inclusion

Low (Medium)

Insufficient Site Isolation Against Spectre Vulnerability

Low (Medium)

Permissions Policy Header Not Set

Low (Medium)

Secure Pages Include Mixed Content

Low (Medium)

X-Content-Type-Options Header Missing

Low (Low)

Dangerous JS Functions

Low (Low)

Timestamp Disclosure - Unix

Informational (High)

Sec-Fetch-Dest Header is Missing

Informational (High)

Sec-Fetch-Mode Header is Missing

Informational (High)

Sec-Fetch-Site Header is Missing

Informational (High)

Sec-Fetch-User Header is Missing

Informational (Medium)

Base64 Disclosure

Informational (Medium)

Modern Web Application

Informational (Medium)

Retrieved from Cache

Informational (Medium)

Session Management Response Identified

Informational (Medium)

Storable and Cacheable Content

Informational (Medium)

Storable but Non-Cacheable Content

Informational (Low)

Charset Mismatch

Informational (Low)

Cookie Poisoning

Informational (Low)

Information Disclosure - Suspicious Comments

Informational (Low)

Loosely Scoped Cookie

Informational (Low)

Re-examine Cache-control Directives

Rapport détaillé