OWASP Baseline
Opened this issue · 2 comments
github-actions commented
- Site: http://localhost:3004
New Alerts
- Absence of Anti-CSRF Tokens [10202] total: 2:
- Content Security Policy (CSP) Header Not Set [10038] total: 3:
- Cookie No HttpOnly Flag [10010] total: 11:
- Cookie without SameSite Attribute [10054] total: 10:
- Dangerous JS Functions [10110] total: 1:
- Permissions Policy Header Not Set [10063] total: 11:
  - http://localhost:3004/
  - http://localhost:3004/_next/static/chunks/8360-2891d9bad8e6c5dd.js
  - http://localhost:3004/_next/static/chunks/framework-d583295f3144c491.js
  - http://localhost:3004/_next/static/chunks/main-a3de02a07ab781e7.js
  - http://localhost:3004/_next/static/chunks/pages/404-6afac836af067973.js
  - ..
- Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037] total: 3:
- Timestamp Disclosure - Unix [10096] total: 3:
- Base64 Disclosure [10094] total: 7:
- Information Disclosure - Suspicious Comments [10027] total: 11:
  - http://localhost:3004/
  - http://localhost:3004/_next/static/chunks/8360-2891d9bad8e6c5dd.js
  - http://localhost:3004/_next/static/chunks/framework-d583295f3144c491.js
  - http://localhost:3004/_next/static/chunks/pages/_app-c6de9f20edc9f464.js
  - http://localhost:3004/_next/static/chunks/pages/_app-c6de9f20edc9f464.js
  - ..
- Loosely Scoped Cookie [90033] total: 12:
- Modern Web Application [10109] total: 3:
- Non-Storable Content [10049] total: 1:
- Sec-Fetch-Dest Header is Missing [90005] total: 3:
- Sec-Fetch-Mode Header is Missing [90005] total: 3:
- Sec-Fetch-Site Header is Missing [90005] total: 3:
- Sec-Fetch-User Header is Missing [90005] total: 3:
- Session Management Response Identified [10112] total: 12:
- Storable and Cacheable Content [10049] total: 6:
  - http://localhost:3004/_next/static/chunks/framework-d583295f3144c491.js
  - http://localhost:3004/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js
  - http://localhost:3004/_next/static/chunks/webpack-69099345fb0f689a.js
  - http://localhost:3004/_next/static/css/e90bd523cb72f146.css
  - http://localhost:3004/robots.txt
  - ..
- Storable but Non-Cacheable Content [10049] total: 4:
View the following link to download the report.
RunnerID:6123378897
github-actions commented
- Site: http://localhost:3004
Resolved Alerts
- Cookie No HttpOnly Flag [10010] total: 11:
View the following link to download the report.
RunnerID:6123861755
github-actions commented
- Site: http://localhost:3004
New Alerts
- Cookie No HttpOnly Flag [10010] total: 11:
View the following link to download the report.
RunnerID:6125941718