This repository has been archived by the owner on Nov 4, 2024. It is now read-only.

mozilla / http-observatory Public archive

Notifications You must be signed in to change notification settings
Fork 170
Star 1.9k

Code
Issues 73
Pull requests 18
Actions
Projects
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Security
Insights

Issues: mozilla/http-observatory

Labels 9 Milestones 0

73 Open 161 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Assigned to nobody

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Issues list

Remediate CVEs reported by trivy

#543 opened Oct 9, 2024 by creste

Integration with Ansible?

#539 opened Sep 10, 2024 by ildjarnisdead

database-down

#538 opened Aug 6, 2024 by sewkra

APIs for new MDN Observatory

#537 opened Jul 29, 2024 by scarytom

CVE-2024-21503 in psf/black

#535 opened Jul 1, 2024 by alexdmccabe

Localhost check is too broad

#533 opened May 24, 2024 by jAg-upfort

Problematic advice regarding cookies with HSTS without secure flag security

An issue that relates to the content of the security recommendations in Observatory

#515 opened Dec 15, 2023 by hannob

Set-cookie: HttpOnly flag seems to misinterpreted by Observatory checks

#513 opened Sep 25, 2023 by ArtM01

Blank http-equiv causes CSP test to fail with 'csp-header-invalid'

#492 opened Jan 25, 2023 by cuibonobo

CSP in <meta> is not analyzed when sent together with CSP in header

#489 opened Nov 14, 2022 by rw-AntoniRoszak

database-down

#480 opened Aug 30, 2022 by roxannelandry

Can't run it on ARM Mac

#475 opened Apr 14, 2022 by twocs

Allow multiple headers when parsing CSP

#466 opened Mar 22, 2022 by april

Don't recommend "Deny by default" when prefetch-src is experimental

#463 opened Feb 28, 2022 by carlin-q-scott

Content Security Policy (CSP) implemented unsafely

#461 opened Jan 12, 2022 by digitalgregg

Not Working for localhost website

#459 opened Dec 16, 2021 by Engineerumair

hsts-preloaded not taken into account

#456 opened Nov 15, 2021 by mktl73

Subresource Integrity warning for scripts with data-uri

#455 opened Nov 4, 2021 by exyi

CSP help question

#452 opened Oct 6, 2021 by azrael11

HTTP to HTTPS redirection not validated on subdomain

#451 opened Sep 16, 2021 by deastr

Add missing scan options

#450 opened Aug 31, 2021 by jamesalexatkin

Absence of scripts or cookies should not be worth fewer points than secure cookies/scripts

#449 opened Aug 1, 2021 by Seirdy

Support for proxy route-based forwarding

#447 opened Jun 7, 2021 by pbryant-phew

Warn if "Server" header reveals software version feature request

#443 opened May 7, 2021 by JeremyRand

User-Agent changed?

#442 opened Apr 12, 2021 by craigfrancis

Previous 1 2 3 Next

Previous Next

ProTip! Find all open issues with in progress development work with linked:pr.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly